gate-exchange-autoinvest
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'gate-cli' binary from the author's official GitHub repository (github.com/gate/gate-cli) as defined in the SKILL.md installation metadata. As the resource originates from the vendor's own infrastructure, this is documented as a standard functional requirement.
- [COMMAND_EXECUTION]: The package includes a 'setup.sh' script that performs system architecture detection, fetches the latest version of the CLI via the GitHub API, and installs the binary. The script attempts to use 'sudo' for installation in '/usr/local/bin' if a local installation in the user's home directory fails, which is a privilege escalation pattern.
- [PROMPT_INJECTION]: The skill implements robust instructional guardrails, including mandatory user confirmation for all 'write' operations (creating, updating, or stopping plans) and explicit rules for invalidating stale confirmation drafts if parameters change.
- [SAFE]: Sensitive credentials such as 'GATE_API_KEY' and 'GATE_API_SECRET' are managed via environment variables. The skill instructions explicitly forbid asking the user to provide these secrets directly in the chat, recommending the 'gate-cli config init' wizard instead.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it ingests untrusted data from external sources.
  - Ingestion points: Trading records and order details fetched from the Gate API via 'gate-cli cex earn auto-invest records' and 'orders'.
  - Boundary markers: None present; the skill does not wrap external data in delimiters or include instructions for the agent to ignore embedded commands in the data.
  - Capability inventory: The agent can execute 'gate-cli' commands to create, modify, or stop investment plans, as well as add funds to existing positions.
  - Sanitization: No sanitization or validation of the content of the external records is performed before processing.