tracking-crypto-derivatives

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a robust security posture by using os.getenv to retrieve API credentials, preventing the accidental exposure of hardcoded secrets.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run local Python scripts. The allowed-tools configuration in SKILL.md implements a security boundary by restricting the agent to specific command patterns (crypto:derivatives-*).
  • [PRIVILEGE_ESCALATION]: Documentation in references/errors.md provides troubleshooting steps that include a sudo command (sudo ntpdate pool.ntp.org) to synchronize the system clock. This is a standard procedure for resolving HMAC signature failures in crypto trading and does not indicate malicious intent.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it aggregates data from external exchange APIs (ingestion points: ExchangeClient in exchange_client.py). However, the data is processed for mathematical analysis and formatted for console output, which significantly limits the risk of the agent interpreting malicious data as instructions.
  • [EXTERNAL_DOWNLOADS]: The documentation mentions installing Python dependencies via a requirements.txt file. While the specific list is not provided, the logic relies on standard libraries such as json, dataclasses, and decimal. No untrusted remote script execution (e.g., curl-pipe-bash) was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 07:55 AM