erc-8004
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading agent registration files (JSON) and feedback metadata from external URIs, including IPFS and HTTPS endpoints. These downloads are core to the discovery and reputation system but introduce external data into the agent's context.
- [PROMPT_INJECTION]: Risk of indirect prompt injection exists through the processing of untrusted external content.
- Ingestion points: Data is ingested via sdk.loadAgent, sdk.searchAgents, and sdk.getFeedback, which retrieve information from subgraphs and IPFS (as described in SKILL.md and references/sdk-typescript.md).
- Boundary markers: No specific boundary markers or 'ignore' instructions for interpolated data are defined in the provided documentation.
- Capability inventory: The skill possesses capabilities to perform blockchain transactions (via the SDK and viem) and interact with environment variables for RPC endpoints and private keys.
- Sanitization: Documentation mentions soft-fail mechanisms for unreachable endpoints, but does not detail sanitization or validation of the natural language content (names, descriptions, feedback text) retrieved from external sources.
Audit Metadata