clanker-plugin

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides instructions for the AI agent to execute a shell-based version check and update script upon initialization.
  • Evidence: SKILL.md contains an "AI Agent Instruction" block with a bash script for checking updates via GitHub.
  • [EXTERNAL_DOWNLOADS]: Downloads project configuration, installers, and binaries from the vendor's official GitHub repositories and uses public blockchain infrastructure.
  • Evidence: SKILL.md references github.com/okx/plugin-store, github.com/okx/onchainos-skills, and RPC endpoints like base-rpc.publicnode.com.
  • [REMOTE_CODE_EXECUTION]: Retrieves and executes a platform-specific binary and an installation script; the installation script is verified against a SHA256 checksum before it runs.
  • Evidence: SKILL.md shell blocks for binary download and onchainos installation.
  • [COMMAND_EXECUTION]: Uses shell commands and the onchainos CLI to perform protocol operations and manage tool updates.
  • Evidence: SKILL.md pre-flight dependencies and src/onchainos.rs wrapper functions.
  • [SAFE]: The skill processes external token metadata while implementing mitigations against indirect injection, including security notices and automated token scans.
  • Ingestion points: Token info and positioning data from src/api.rs, src/commands/token_info.rs, and src/onchainos.rs.
  • Boundary markers: SKILL.md features a dedicated "Data Trust Boundary" notice to guide the agent.
  • Capability inventory: Invocation of blockchain contract calls and wallet commands via onchainos subprocesses.
  • Sanitization: Includes address format validation in src/commands/token_info.rs and mandatory security scans via onchainos security token-scan before reward claims.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 10:59 AM