okx-cex-bot

Warn

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: MEDIUM (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill explicitly instructs the agent to run okx config show --json, which reads the contents of ~/.okx/config.toml. This reveals sensitive API-key profiles and credentials to the agent's processing context for the purpose of verifying the authentication mode.
  • [COMMAND_EXECUTION]: The skill relies on executing the okx CLI tool to perform sensitive operations, including creating, amending, and stopping financial trading bots. This involves passing user-supplied parameters directly to shell commands.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external CLI tool outputs (e.g., bot lists and details from the OKX API) and uses this data to inform subsequent high-privilege 'WRITE' actions. This risk is partially mitigated by instructions requiring the agent to confirm parameters with the user before execution.
  • [SAFE]: The skill follows security best practices by instructing the agent to never accept credentials directly in the chat and instead guiding users to a local initialization flow using okx config init.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 13, 2026, 08:24 AM