derivatives-trading-usds-futures

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions detail how to handle and store Binance API keys and Secret keys. It recommends storing these credentials in a file (e.g., TOOLS.md) and provides a procedure for users to supply credentials via file upload. While the skill includes rules for masking secrets when displayed to the user, the management of authentication tokens in the local filesystem is a sensitive operation.
  • [COMMAND_EXECUTION]: Reference documentation in references/authentication.md provides shell script examples for signing requests with openssl and executing HTTP requests via curl. The agent may execute these commands to interact with the Binance API, involving shell execution with potentially sensitive parameters.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via the processing of user-provided credential files.
    • Ingestion points: User-supplied credential file content (SKILL.md)
    • Boundary markers: Absent
    • Capability inventory: Shell command execution via openssl and curl, file system access for credential storage, and network operations to Binance API (references/authentication.md)
    • Sanitization: Absent for incoming data; masking is applied only to displayed output.
  • [DATA_EXFILTRATION]: The skill facilitates the transmission of sensitive account information and trade data to external Binance API endpoints (fapi.binance.com). These are recognized as legitimate vendor resources for the author 'binance' and do not escalate the verdict.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 11:21 AM