wallet-tracker-mcap

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE

Full Analysis
  • [COMMAND_EXECUTION]: The skill interacts with the local onchainos CLI via subprocess.run in wallet_tracker.py and risk_check.py. This is implemented using safe argument lists without shell execution (shell=True is not used), which effectively mitigates command injection risks. These calls are limited to legitimate blockchain operations.
  • [DATA_EXFILTRATION]: No evidence of sensitive data harvesting or unauthorized exfiltration was detected. Wallet operations utilize TEE-based signing via the external CLI, ensuring private keys are never exposed to the skill's code or state files.
  • [PROMPT_INJECTION]: The skill provides the agent with a robust 'External Data Boundary' framework in SKILL.md. It explicitly defines allowed fields for display and instructs the agent to treat all external token data as untrusted content, preventing indirect prompt injection attacks from malicious token metadata.
  • [SAFE]: The bot's integrated dashboard is restricted to localhost (127.0.0.1) and includes IP-based access control for management endpoints. The skill relies exclusively on the Python standard library and a verified vendor CLI, maintaining a minimal and secure dependency footprint.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 01:58 PM