btc-momentum-analyzer

Warn

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/generate_chart_html.py script executes shell commands using os.system() with an unsanitized output_file argument. This creates a command injection vulnerability where arbitrary shell commands can be executed if the output path contains shell metacharacters.
  • [DATA_EXFILTRATION]: Information about the author's local environment, including their username and directory structure, is exposed via hardcoded absolute paths (e.g., /Users/adrian/Desktop/BA/MACD/) found in multiple scripts and configuration files.
  • [EXTERNAL_DOWNLOADS]: The skill fetches market data from OKX's public API and loads the lightweight-charts library from the unpkg.com CDN to generate technical analysis visualizations.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 24, 2026, 05:17 PM