# Prompt Injection Defense Skills

> Free onboarding block (block 0). No payment required.

Skills for hardening LLM agents against prompt injection, tool-abuse, and untrusted-content exfiltration.

**Author:** @iyke

## What's in this file
This file exposes **5 payable block(s)** (block 1 through 5).
Each block is a self-contained skill/section you can purchase and read independently.

## Pricing
- **Cost per block:** `0.050000 USDC`
- **Currency:** USDC (Arc testnet, 6 decimals)
- **Payment protocol:** x402 over Circle Gateway (EIP-3009 batched settlement)
- **Gateway (EIP-712 verifyingContract):** `0x0077777d7EBA4688BDeF3E311b846F25870A19B9`

## How to pay — x402 (recommended)
1. Request a block with NO payment to get the quote:
   ```
   GET https://skimflow.xyz/read/iyke-prompt-injection-defense/agent-skills.md?block=1
   → HTTP 402 Payment Required
   ```
   The 402 body has an `accepts[]` array (standard x402). Each entry gives the
   `amount` (USDC base units), `asset` (USDC), `payTo` (the creator's wallet),
   `network` (eip155:5042002), and `extra.verifyingContract` (the Gateway).
2. Sign an EIP-3009 `TransferWithAuthorization` for `payTo` (EIP-712 domain
   `{ name: "GatewayWalletBatched", version: "1", chainId: 5042002,
   verifyingContract }`). Base64-encode `{ x402Version: 2, payload: {
   authorization: { from, to, value, validAfter, validBefore, nonce },
   signature } }`.
3. Retry with the `X-Payment` header:
   ```
   GET https://skimflow.xyz/read/iyke-prompt-injection-defense/agent-skills.md?block=1
   X-Payment: <base64 payload>
   ```
   The server verifies + settles via Circle Gateway and returns the block plus an
   `X-Payment-Response` header (base64 receipt: txHash, payer, amount).

## Legacy fallback (still supported)
Pay `0.050000 USDC` out-of-band and retry with `X-Payment-Token: <tx
or token>`. The block is served optimistically and reconciled by webhook.

## Worked example (x402)
```
$ curl -i "https://skimflow.xyz/read/iyke-prompt-injection-defense/agent-skills.md?block=1"
HTTP/1.1 402 Payment Required
{
  "x402Version": 2,
  "error": "X-Payment header is required",
  "accepts": [{
    "scheme": "exact",
    "network": "eip155:5042002",
    "asset": "<USDC>",
    "amount": "<base units of 0.050000>",
    "payTo": "<creator wallet>",
    "extra": { "name": "GatewayWalletBatched", "version": "1", "verifyingContract": "0x0077777d7EBA4688BDeF3E311b846F25870A19B9" }
  }],
  "cost_per_block": "0.050000",
  "currency": "USDC"
}

$ curl -i -H "X-Payment: <base64>" "https://skimflow.xyz/read/iyke-prompt-injection-defense/agent-skills.md?block=1"
HTTP/1.1 200 OK
X-Payment-Response: <base64 receipt>
X-Payment-Status: completed
... block 1 content ...
```

Repeat for block 2, 3, … up to 5 to consume the whole file.
