The Agent Skills Directory

[SAFE]: The skill serves as an extensive technical reference for the Machine Payments Protocol (MPP). It includes architectural overviews, protocol specifications, and integration examples for building paid APIs and autonomous agent payment flows.
[COMMAND_EXECUTION]: Documentation includes standard developer commands for dependency management (npm, pip, cargo) and protocol testing via the 'mppx' CLI tool. All commands are routine for the described development context.
[EXTERNAL_DOWNLOADS]: The skill references several SDKs and libraries (mppx, pympp, mpp, viem, etc.) hosted on official package registries and GitHub repositories. These resources are part of the protocol's ecosystem and do not constitute a security risk in this context.
[CREDENTIALS_UNSAFE]: While the skill involves handling sensitive credentials like private keys, mnemonics, and API keys, it consistently demonstrates and recommends secure practices, such as using environment variables (e.g., process.env.MNEMONIC) and avoiding hardcoded secrets in code examples.
[DATA_EXPOSURE]: The protocol is designed to process untrusted data from the network (HTTP headers and JSON-RPC messages). The documentation specifies robust security controls, including HMAC-SHA256 challenge binding, Zod schema validation, and EIP-712 signature verification to mitigate potential injection or tampering risks.

mpp