shll-skills 5.1.0 → 5.2.0

package/SKILL.md

@@ -270,6 +270,19 @@ Step 2: Call SHLL execute_calldata(token_id, target, data, value) → PolicyGuar
 
 For multi-step transactions (e.g. approve + swap), use `execute_calldata_batch` to execute atomically.
 
+⚠️ **CRITICAL SECURITY: Verify Recipient Address**
+
+Before executing calldata from an external source, you **MUST verify** that any `recipient`, `to`, or `receiver` address embedded in the calldata matches the agent's vault address. Use the `portfolio` tool to get the vault address first.
+
+**Why:** A compromised or malicious API could return valid-looking swap calldata but with the recipient set to an attacker's address. PolicyGuard validates the target contract and spending limits, but does NOT parse internal calldata fields like `recipient`.
+
+```
+Step 0: portfolio(token_id) → get vault address
+Step 1: Get calldata from OKX/Bitget/1inch
+Step 2: Verify that 'recipient' in calldata == vault address
+Step 3: execute_calldata(token_id, target, data, value)
+```
+
 ---
 
 ## LINKS

package/dist/mcp.js

@@ -641,9 +641,51 @@ function createClients() {
   });
   return { account, publicClient, policyClient, config };
 }
+var AGENT_NFA_EXPIRY_ABI = [
+  { name: "operatorExpiresOf", type: "function", stateMutability: "view", inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }] },
+  { name: "userExpires", type: "function", stateMutability: "view", inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }] }
+];
+async function checkAgentExpiry(tokenId) {
+  const config = getConfig();
+  const pc = (0, import_viem2.createPublicClient)({ chain: import_chains2.bsc, transport: (0, import_viem2.http)(config.rpc) });
+  const [operatorExpires, userExpires] = await Promise.all([
+    pc.readContract({ address: config.nfa, abi: AGENT_NFA_EXPIRY_ABI, functionName: "operatorExpiresOf", args: [tokenId] }),
+    pc.readContract({ address: config.nfa, abi: AGENT_NFA_EXPIRY_ABI, functionName: "userExpires", args: [tokenId] })
+  ]);
+  const now = BigInt(Math.floor(Date.now() / 1e3));
+  if (now > operatorExpires) {
+    return {
+      expired: true,
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          status: "error",
+          message: `Agent token-id ${tokenId} operator authorization has EXPIRED (expired at ${new Date(Number(operatorExpires) * 1e3).toISOString()}). Please renew at https://shll.run/me or use a different token-id.`,
+          expiredAt: new Date(Number(operatorExpires) * 1e3).toISOString(),
+          action: "renew"
+        })
+      }]
+    };
+  }
+  if (now > userExpires) {
+    return {
+      expired: true,
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          status: "error",
+          message: `Agent token-id ${tokenId} rental has EXPIRED (expired at ${new Date(Number(userExpires) * 1e3).toISOString()}). Please renew at https://shll.run/me or use a different token-id.`,
+          expiredAt: new Date(Number(userExpires) * 1e3).toISOString(),
+          action: "renew"
+        })
+      }]
+    };
+  }
+  return { expired: false };
+}
 var server = new import_mcp.McpServer({
   name: "shll-defi",
-  version: "5.0.0"
+  version: "5.2.0"
 });
 server.tool(
   "portfolio",
@@ -741,6 +783,8 @@ server.tool(
   async ({ token_id, from, to, amount, dex, slippage }) => {
     const { publicClient, policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const vault = await policyClient.getVault(tokenId);
     const fromToken = resolveToken(from);
     const toToken = resolveToken(to);
@@ -834,6 +878,8 @@ server.tool(
   async ({ token_id, token, amount }) => {
     const { publicClient, policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const symbol = token.toUpperCase();
     const vTokenAddr = VENUS_VTOKENS[symbol];
     if (!vTokenAddr) return { content: [{ type: "text", text: JSON.stringify({ error: `Unsupported: ${symbol}. Use: ${Object.keys(VENUS_VTOKENS).join(", ")}` }) }] };
@@ -870,6 +916,8 @@ server.tool(
   async ({ token_id, token, amount }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const symbol = token.toUpperCase();
     const vTokenAddr = VENUS_VTOKENS[symbol];
     if (!vTokenAddr) return { content: [{ type: "text", text: JSON.stringify({ error: `Unsupported: ${symbol}` }) }] };
@@ -926,6 +974,8 @@ server.tool(
   async ({ token_id, token, amount, to }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const tokenInfo = resolveToken(token);
     const amt = parseAmount(amount, tokenInfo.decimals);
     const recipient = to;
@@ -1009,6 +1059,8 @@ server.tool(
   async ({ token_id, amount }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const amt = (0, import_viem2.parseEther)(amount);
     const data = (0, import_viem2.encodeFunctionData)({ abi: WBNB_ABI, functionName: "deposit" });
     const action = { target: WBNB, value: amt, data };
@@ -1028,6 +1080,8 @@ server.tool(
   async ({ token_id, amount }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const amt = (0, import_viem2.parseEther)(amount);
     const data = (0, import_viem2.encodeFunctionData)({ abi: WBNB_ABI, functionName: "withdraw", args: [amt] });
     const action = { target: WBNB, value: 0n, data };
@@ -1224,6 +1278,8 @@ server.tool(
     }
     const { account, publicClient, policyClient, config } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const walletClient = (0, import_viem2.createWalletClient)({ account, chain: import_chains2.bsc, transport: (0, import_viem2.http)(config.rpc) });
     const policies = await policyClient.getPolicies(tokenId);
     const results = [];
@@ -1316,16 +1372,18 @@ server.tool(
 );
 server.tool(
   "execute_calldata",
-  "Execute raw calldata through PolicyGuard safety layer. Use this to execute transactions from other DeFi skills (OKX DEX API, Bitget, 1inch, etc.) with SHLL on-chain policy enforcement. All actions are validated against spending limits, cooldowns, and whitelists before execution.",
+  "Execute raw calldata through PolicyGuard safety layer. Use this to execute transactions from other DeFi skills (OKX DEX API, Bitget, 1inch, etc.) with SHLL on-chain policy enforcement. IMPORTANT: Before calling, verify that any 'recipient' or 'to' address embedded in the calldata matches the agent's vault address (use the 'portfolio' tool to check). This prevents funds from being routed to an unintended address.",
   {
     token_id: import_zod.z.string().describe("Agent NFA Token ID"),
-    target: import_zod.z.string().describe("Target contract address (0x...)"),
-    data: import_zod.z.string().describe("Transaction calldata hex string"),
+    target: import_zod.z.string().regex(/^0x[0-9a-fA-F]{40}$/, "Must be a valid Ethereum address").describe("Target contract address (0x...)"),
+    data: import_zod.z.string().regex(/^0x[0-9a-fA-F]*$/, "Must be a valid hex string starting with 0x").describe("Transaction calldata hex string"),
     value: import_zod.z.string().default("0").describe("Native BNB value in wei (default: 0)")
   },
   async ({ token_id, target, data, value }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const action = {
       target,
       value: BigInt(value),
@@ -1363,14 +1421,16 @@ server.tool(
   {
     token_id: import_zod.z.string().describe("Agent NFA Token ID"),
     actions: import_zod.z.array(import_zod.z.object({
-      target: import_zod.z.string().describe("Target contract address"),
-      data: import_zod.z.string().describe("Calldata hex"),
+      target: import_zod.z.string().regex(/^0x[0-9a-fA-F]{40}$/, "Must be a valid Ethereum address").describe("Target contract address"),
+      data: import_zod.z.string().regex(/^0x[0-9a-fA-F]*$/, "Must be valid hex").describe("Calldata hex"),
       value: import_zod.z.string().default("0").describe("BNB value in wei")
     })).describe("Array of actions to execute atomically")
   },
   async ({ token_id, actions: rawActions }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const actions = rawActions.map((a) => ({
       target: a.target,
       value: BigInt(a.value || "0"),

package/dist/mcp.mjs

@@ -152,9 +152,51 @@ function createClients() {
   });
   return { account, publicClient, policyClient, config };
 }
+var AGENT_NFA_EXPIRY_ABI = [
+  { name: "operatorExpiresOf", type: "function", stateMutability: "view", inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }] },
+  { name: "userExpires", type: "function", stateMutability: "view", inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }] }
+];
+async function checkAgentExpiry(tokenId) {
+  const config = getConfig();
+  const pc = createPublicClient({ chain: bsc, transport: http(config.rpc) });
+  const [operatorExpires, userExpires] = await Promise.all([
+    pc.readContract({ address: config.nfa, abi: AGENT_NFA_EXPIRY_ABI, functionName: "operatorExpiresOf", args: [tokenId] }),
+    pc.readContract({ address: config.nfa, abi: AGENT_NFA_EXPIRY_ABI, functionName: "userExpires", args: [tokenId] })
+  ]);
+  const now = BigInt(Math.floor(Date.now() / 1e3));
+  if (now > operatorExpires) {
+    return {
+      expired: true,
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          status: "error",
+          message: `Agent token-id ${tokenId} operator authorization has EXPIRED (expired at ${new Date(Number(operatorExpires) * 1e3).toISOString()}). Please renew at https://shll.run/me or use a different token-id.`,
+          expiredAt: new Date(Number(operatorExpires) * 1e3).toISOString(),
+          action: "renew"
+        })
+      }]
+    };
+  }
+  if (now > userExpires) {
+    return {
+      expired: true,
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          status: "error",
+          message: `Agent token-id ${tokenId} rental has EXPIRED (expired at ${new Date(Number(userExpires) * 1e3).toISOString()}). Please renew at https://shll.run/me or use a different token-id.`,
+          expiredAt: new Date(Number(userExpires) * 1e3).toISOString(),
+          action: "renew"
+        })
+      }]
+    };
+  }
+  return { expired: false };
+}
 var server = new McpServer({
   name: "shll-defi",
-  version: "5.0.0"
+  version: "5.2.0"
 });
 server.tool(
   "portfolio",
@@ -252,6 +294,8 @@ server.tool(
   async ({ token_id, from, to, amount, dex, slippage }) => {
     const { publicClient, policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const vault = await policyClient.getVault(tokenId);
     const fromToken = resolveToken(from);
     const toToken = resolveToken(to);
@@ -345,6 +389,8 @@ server.tool(
   async ({ token_id, token, amount }) => {
     const { publicClient, policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const symbol = token.toUpperCase();
     const vTokenAddr = VENUS_VTOKENS[symbol];
     if (!vTokenAddr) return { content: [{ type: "text", text: JSON.stringify({ error: `Unsupported: ${symbol}. Use: ${Object.keys(VENUS_VTOKENS).join(", ")}` }) }] };
@@ -381,6 +427,8 @@ server.tool(
   async ({ token_id, token, amount }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const symbol = token.toUpperCase();
     const vTokenAddr = VENUS_VTOKENS[symbol];
     if (!vTokenAddr) return { content: [{ type: "text", text: JSON.stringify({ error: `Unsupported: ${symbol}` }) }] };
@@ -437,6 +485,8 @@ server.tool(
   async ({ token_id, token, amount, to }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const tokenInfo = resolveToken(token);
     const amt = parseAmount(amount, tokenInfo.decimals);
     const recipient = to;
@@ -520,6 +570,8 @@ server.tool(
   async ({ token_id, amount }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const amt = parseEther(amount);
     const data = encodeFunctionData({ abi: WBNB_ABI, functionName: "deposit" });
     const action = { target: WBNB, value: amt, data };
@@ -539,6 +591,8 @@ server.tool(
   async ({ token_id, amount }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const amt = parseEther(amount);
     const data = encodeFunctionData({ abi: WBNB_ABI, functionName: "withdraw", args: [amt] });
     const action = { target: WBNB, value: 0n, data };
@@ -735,6 +789,8 @@ server.tool(
     }
     const { account, publicClient, policyClient, config } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const walletClient = createWalletClient({ account, chain: bsc, transport: http(config.rpc) });
     const policies = await policyClient.getPolicies(tokenId);
     const results = [];
@@ -827,16 +883,18 @@ server.tool(
 );
 server.tool(
   "execute_calldata",
-  "Execute raw calldata through PolicyGuard safety layer. Use this to execute transactions from other DeFi skills (OKX DEX API, Bitget, 1inch, etc.) with SHLL on-chain policy enforcement. All actions are validated against spending limits, cooldowns, and whitelists before execution.",
+  "Execute raw calldata through PolicyGuard safety layer. Use this to execute transactions from other DeFi skills (OKX DEX API, Bitget, 1inch, etc.) with SHLL on-chain policy enforcement. IMPORTANT: Before calling, verify that any 'recipient' or 'to' address embedded in the calldata matches the agent's vault address (use the 'portfolio' tool to check). This prevents funds from being routed to an unintended address.",
   {
     token_id: z.string().describe("Agent NFA Token ID"),
-    target: z.string().describe("Target contract address (0x...)"),
-    data: z.string().describe("Transaction calldata hex string"),
+    target: z.string().regex(/^0x[0-9a-fA-F]{40}$/, "Must be a valid Ethereum address").describe("Target contract address (0x...)"),
+    data: z.string().regex(/^0x[0-9a-fA-F]*$/, "Must be a valid hex string starting with 0x").describe("Transaction calldata hex string"),
     value: z.string().default("0").describe("Native BNB value in wei (default: 0)")
   },
   async ({ token_id, target, data, value }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const action = {
       target,
       value: BigInt(value),
@@ -874,14 +932,16 @@ server.tool(
   {
     token_id: z.string().describe("Agent NFA Token ID"),
     actions: z.array(z.object({
-      target: z.string().describe("Target contract address"),
-      data: z.string().describe("Calldata hex"),
+      target: z.string().regex(/^0x[0-9a-fA-F]{40}$/, "Must be a valid Ethereum address").describe("Target contract address"),
+      data: z.string().regex(/^0x[0-9a-fA-F]*$/, "Must be valid hex").describe("Calldata hex"),
       value: z.string().default("0").describe("BNB value in wei")
     })).describe("Array of actions to execute atomically")
   },
   async ({ token_id, actions: rawActions }) => {
     const { policyClient } = createClients();
     const tokenId = BigInt(token_id);
+    const expiryCheck = await checkAgentExpiry(tokenId);
+    if (expiryCheck.expired) return { content: expiryCheck.content };
     const actions = rawActions.map((a) => ({
       target: a.target,
       value: BigInt(a.value || "0"),

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "shll-skills",
-    "version": "5.1.0",
+    "version": "5.2.0",
     "description": "SHLL DeFi Agent — CLI + MCP Server for BSC",
     "main": "dist/index.js",
     "bin": {

package/src/mcp.ts

@@ -191,13 +191,56 @@ function createClients() {
     return { account, publicClient, policyClient, config };
 }
 
+// Expiry pre-check: prevents write operations on expired agents with clear error
+const AGENT_NFA_EXPIRY_ABI = [
+    { name: "operatorExpiresOf", type: "function" as const, stateMutability: "view" as const, inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }] },
+    { name: "userExpires", type: "function" as const, stateMutability: "view" as const, inputs: [{ name: "tokenId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }] },
+] as const;
+
+async function checkAgentExpiry(tokenId: bigint) {
+    const config = getConfig();
+    const pc = createPublicClient({ chain: bsc, transport: http(config.rpc) });
+    const [operatorExpires, userExpires] = await Promise.all([
+        pc.readContract({ address: config.nfa as Address, abi: AGENT_NFA_EXPIRY_ABI, functionName: "operatorExpiresOf", args: [tokenId] }) as Promise<bigint>,
+        pc.readContract({ address: config.nfa as Address, abi: AGENT_NFA_EXPIRY_ABI, functionName: "userExpires", args: [tokenId] }) as Promise<bigint>,
+    ]);
+    const now = BigInt(Math.floor(Date.now() / 1000));
+    if (now > operatorExpires) {
+        return {
+            expired: true,
+            content: [{
+                type: "text" as const, text: JSON.stringify({
+                    status: "error",
+                    message: `Agent token-id ${tokenId} operator authorization has EXPIRED (expired at ${new Date(Number(operatorExpires) * 1000).toISOString()}). Please renew at https://shll.run/me or use a different token-id.`,
+                    expiredAt: new Date(Number(operatorExpires) * 1000).toISOString(),
+                    action: "renew",
+                })
+            }],
+        };
+    }
+    if (now > userExpires) {
+        return {
+            expired: true,
+            content: [{
+                type: "text" as const, text: JSON.stringify({
+                    status: "error",
+                    message: `Agent token-id ${tokenId} rental has EXPIRED (expired at ${new Date(Number(userExpires) * 1000).toISOString()}). Please renew at https://shll.run/me or use a different token-id.`,
+                    expiredAt: new Date(Number(userExpires) * 1000).toISOString(),
+                    action: "renew",
+                })
+            }],
+        };
+    }
+    return { expired: false };
+}
+
 // ═══════════════════════════════════════════════════════
 //                    MCP Server
 // ═══════════════════════════════════════════════════════
 
 const server = new McpServer({
     name: "shll-defi",
-    version: "5.0.0",
+    version: "5.2.0",
 });
 
 // ── Tool: portfolio ─────────────────────────────────────
@@ -306,6 +349,7 @@ server.tool(
     async ({ token_id, from, to, amount, dex, slippage }) => {
         const { publicClient, policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const vault = await policyClient.getVault(tokenId);
 
         const fromToken = resolveToken(from);
@@ -410,6 +454,7 @@ server.tool(
     async ({ token_id, token, amount }) => {
         const { publicClient, policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const symbol = token.toUpperCase();
         const vTokenAddr = VENUS_VTOKENS[symbol];
         if (!vTokenAddr) return { content: [{ type: "text" as const, text: JSON.stringify({ error: `Unsupported: ${symbol}. Use: ${Object.keys(VENUS_VTOKENS).join(", ")}` }) }] };
@@ -455,6 +500,7 @@ server.tool(
     async ({ token_id, token, amount }) => {
         const { policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const symbol = token.toUpperCase();
         const vTokenAddr = VENUS_VTOKENS[symbol];
         if (!vTokenAddr) return { content: [{ type: "text" as const, text: JSON.stringify({ error: `Unsupported: ${symbol}` }) }] };
@@ -519,6 +565,7 @@ server.tool(
     async ({ token_id, token, amount, to }) => {
         const { policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const tokenInfo = resolveToken(token);
         const amt = parseAmount(amount, tokenInfo.decimals);
         const recipient = to as Address;
@@ -616,6 +663,7 @@ server.tool(
     async ({ token_id, amount }) => {
         const { policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const amt = parseEther(amount);
         const data = encodeFunctionData({ abi: WBNB_ABI, functionName: "deposit" });
         const action: Action = { target: WBNB as Address, value: amt, data };
@@ -639,6 +687,7 @@ server.tool(
     async ({ token_id, amount }) => {
         const { policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const amt = parseEther(amount);
         const data = encodeFunctionData({ abi: WBNB_ABI, functionName: "withdraw", args: [amt] });
         const action: Action = { target: WBNB as Address, value: 0n, data };
@@ -862,6 +911,7 @@ server.tool(
 
         const { account, publicClient, policyClient, config } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const walletClient = createWalletClient({ account, chain: bsc, transport: http(config.rpc) });
         const policies = await policyClient.getPolicies(tokenId);
         const results: string[] = [];
@@ -973,16 +1023,17 @@ server.tool(
 // (OKX DEX API, Bitget, 1inch, etc.) and routes through PolicyGuard
 server.tool(
     "execute_calldata",
-    "Execute raw calldata through PolicyGuard safety layer. Use this to execute transactions from other DeFi skills (OKX DEX API, Bitget, 1inch, etc.) with SHLL on-chain policy enforcement. All actions are validated against spending limits, cooldowns, and whitelists before execution.",
+    "Execute raw calldata through PolicyGuard safety layer. Use this to execute transactions from other DeFi skills (OKX DEX API, Bitget, 1inch, etc.) with SHLL on-chain policy enforcement. IMPORTANT: Before calling, verify that any 'recipient' or 'to' address embedded in the calldata matches the agent's vault address (use the 'portfolio' tool to check). This prevents funds from being routed to an unintended address.",
     {
         token_id: z.string().describe("Agent NFA Token ID"),
-        target: z.string().describe("Target contract address (0x...)"),
-        data: z.string().describe("Transaction calldata hex string"),
+        target: z.string().regex(/^0x[0-9a-fA-F]{40}$/, "Must be a valid Ethereum address").describe("Target contract address (0x...)"),
+        data: z.string().regex(/^0x[0-9a-fA-F]*$/, "Must be a valid hex string starting with 0x").describe("Transaction calldata hex string"),
         value: z.string().default("0").describe("Native BNB value in wei (default: 0)"),
     },
     async ({ token_id, target, data, value }) => {
         const { policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const action: Action = {
             target: target as Address,
             value: BigInt(value),
@@ -1023,14 +1074,15 @@ server.tool(
     {
         token_id: z.string().describe("Agent NFA Token ID"),
         actions: z.array(z.object({
-            target: z.string().describe("Target contract address"),
-            data: z.string().describe("Calldata hex"),
+            target: z.string().regex(/^0x[0-9a-fA-F]{40}$/, "Must be a valid Ethereum address").describe("Target contract address"),
+            data: z.string().regex(/^0x[0-9a-fA-F]*$/, "Must be valid hex").describe("Calldata hex"),
             value: z.string().default("0").describe("BNB value in wei"),
         })).describe("Array of actions to execute atomically"),
     },
     async ({ token_id, actions: rawActions }) => {
         const { policyClient } = createClients();
         const tokenId = BigInt(token_id);
+        const expiryCheck = await checkAgentExpiry(tokenId); if (expiryCheck.expired) return { content: expiryCheck.content! };
         const actions: Action[] = rawActions.map(a => ({
             target: a.target as Address,
             value: BigInt(a.value || "0"),