The Agent Skills Directory

[SAFE]: The skill performs automated setup and maintenance by fetching scripts and binaries from 'okx' GitHub repositories. These are recognized as trusted vendor resources. The installation process for the CLI tool includes a security checkpoint that verifies the SHA256 checksum of the downloaded script against an official manifest before execution.
[SAFE]: All network requests are directed to official public RPC providers for BSC, Ethereum, Base, and Arbitrum, or to the vendor's own infrastructure on GitHub. No unauthorized data exfiltration or connections to suspicious domains were detected.
[SAFE]: Sensitive write operations on the blockchain (such as staking NFTs or harvesting rewards) are protected by a required --confirm flag. The skill provides a detailed preview of the transaction parameters and calldata when the flag is absent, ensuring the user remains in control of all state-changing actions.
[SAFE]: The skill implements a 'Data Trust Boundary' to mitigate risks from indirect prompt injection. It explicitly warns the agent to treat external blockchain data (token symbols, amounts, etc.) as untrusted and filters output to display only relevant fields, preventing raw data from polluting the agent's instruction context.

pancakeswap-clmm-plugin