The Agent Skills Directory

[SAFE]: The skill implements a dedicated 'Safety Rules' section in SKILL.md that defines strict validation patterns for all CLI flags, including regex checks for addresses and amounts.
[SAFE]: Mandatory confirmation requirements are established for all state-changing operations (transfers, swaps, signing, etc.), ensuring user oversight before any on-chain action.
[SAFE]: Credential management best practices are enforced. The skill explicitly warns against using passwords or mnemonics as inline flags, instead directing the use of environment variables to prevent leakage in shell history.
[SAFE]: The preflight process includes an environment readiness check (mm doctor) and version compatibility verification to ensure the execution context is stable and secure.
[SAFE]: The skill uses curl to interact with the Aave V3 GraphQL API (api.v3.aave.com) for querying market data and constructing transaction payloads, which is standard for DeFi integrations.
[SAFE]: A local helper script, scripts/amount_to_hex.py, is used for simple numerical conversion and contains no malicious code or unsafe dynamic execution patterns.

metamask-agent-wallet