gate-exchange-bot
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'gate-cli' binary from the official vendor repository (github.com/gate/gate-cli). The download is performed via metadata in SKILL.md and a helper setup.sh script, which includes integrity verification using SHA256 checksums.
- [COMMAND_EXECUTION]: The setup.sh script executes several shell utilities including curl, tar, and install. It attempts to perform a privilege escalation by using 'sudo install' as a fallback if a local, non-privileged installation to the user's home directory fails.
- [COMMAND_EXECUTION]: The skill executes the downloaded 'gate-cli' binary at runtime to interact with exchange APIs. It employs a dynamic execution pattern by running 'gate-cli [command] --help' to discover required arguments before performing operations, which allows the agent to adapt to CLI changes.
- [CREDENTIALS_UNSAFE]: The skill relies on sensitive API credentials (GATE_API_KEY and GATE_API_SECRET). It provides guidance for secure local configuration using 'gate-cli config init' and expects these secrets to be available in the host environment, though it correctly instructs the agent never to ask the user to paste secrets into the chat.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes strategy recommendations from external API responses. This risk is managed through explicit instructions to only return backend-provided data and the enforcement of mandatory user confirmation gates for all state-changing operations (bot creation or stopping).
Audit Metadata