charting

Warn

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary workflow involves the agent writing Python code to the file system and executing it using the bash tool. This dynamic generation and execution of code represents an attack surface if the agent is manipulated into creating malicious scripts.
  • [EXTERNAL_DOWNLOADS]: Fetches data from external market data providers, specifically CoinGecko and Twelve Data. These are recognized, well-known services for financial information.
  • [DATA_EXFILTRATION]: The instructions explicitly command the agent to bypass platform network security wrappers (such as proxied_get()) in favor of direct requests calls. This reduces the platform's ability to monitor or proxy external network activity initiated by the skill's scripts.
  • [CREDENTIALS_UNSAFE]: The documentation suggests using env | grep for troubleshooting, a practice that can expose sensitive environment variables and API keys in the agent's output logs.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 28, 2026, 03:40 PM