The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: Fetches core binaries and scripts from official vendor repositories. Critical installation steps include SHA256 integrity verification for the installer script.
[COMMAND_EXECUTION]: Uses shell commands for version management and relies on the onchainos CLI for wallet operations. The plugin's architecture enforces a preview/confirm flow, requiring explicit user approval before any on-chain transaction is broadcast.
[REMOTE_CODE_EXECUTION]: While the skill downloads executable binaries, these are sourced from a recognized organization and include a built-in calldata validation engine. This engine inspects transaction data for malicious selectors (like direct token transfers) and restricts execution to verified protocol contracts.
[DATA_EXFILTRATION]: Communication is limited to official protocol APIs and standard blockchain RPC nodes for market data retrieval and transaction broadcasting. No local credentials or sensitive data are exposed to external entities.
[SAFE]: Implements proactive security controls, such as a data trust boundary warning for the AI agent and a validation layer that protects against supply-chain attacks on the protocol's hosted SDK.

pendle-plugin