okx-agent-payments-protocol

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes subcommands of the onchainos CLI to perform wallet operations, sign payment authorizations, and manage escrow-based payment channels. These are legitimate operations tied to the skill's primary function of handling blockchain payments.
  • [EXTERNAL_DOWNLOADS]: The skill performs HTTP requests to external URLs provided by the user or identified in payment challenges to retrieve gated resources. This activity is restricted to the proxying of requests that trigger the payment protocol.
  • [PROMPT_INJECTION]: The skill parses data from external HTTP response headers (WWW-Authenticate, PAYMENT-REQUIRED) and JSON bodies to extract payment parameters. While this ingestion of untrusted data constitutes an Indirect Prompt Injection surface, the skill implements a mandatory Step A4 in SKILL.md that requires explicit user review and confirmation of all payment details (network, token, amount, and recipient) before any signing tool is invoked.
  • [CREDENTIALS_UNSAFE]: The skill supports a local-key fallback for development use, involving the storage of an EVM_PRIVATE_KEY in ~/.onchainos/.env. The instructions explicitly guide the user to set secure file permissions (chmod 600) and include a clear security notice regarding the lack of TEE protection for this specific mode, directing users toward the TEE-protected path for production use.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 04:39 AM