Buy Anything

The 'buy-anything' skill facilitates e-commerce purchases through the Rye API (api.rye.com) and BasisTheory payment vault. The instructions in SKILL.md demonstrate strong security awareness, specifically directing the agent to use quoted heredocs with curl to prevent shell injection, validating checkout IDs with regex, and explicitly warning the agent to ignore indirect prompt injection attempts from external product descriptions. The skill handles PII and payment tokens in a manner consistent with its stated purpose, utilizing external PCI-compliant capture pages to ensure raw card data never enters the agent's environment.