The Agent Skills Directory

[CREDENTIALS_UNSAFE]: Plaintext API credentials for the AiCoin service are hardcoded in the shared library script.
File: lib/aicoin-api.mjs (variables KEY and SECRET).
[CREDENTIALS_UNSAFE]: The skill retrieves sensitive authentication data, including API keys and passwords for various crypto exchanges and trading bots, from environment variables.
File: scripts/exchange.mjs (retrieves *_API_KEY, *_API_SECRET, *_PASSWORD).
File: lib/freqtrade-api.mjs (retrieves FREQTRADE_PASSWORD).
[COMMAND_EXECUTION]: Enables high-impact financial operations, including order placement and fund transfers, which could be exploited if the agent is compromised.
File: scripts/exchange.mjs (actions: create_order, transfer, set_leverage).
File: scripts/ft.mjs (actions: force_enter, force_exit, start, stop).
[PROMPT_INJECTION]: The skill possesses a substantial attack surface for indirect prompt injection by ingesting external data while having access to sensitive tools.
Ingestion points: scripts/news.mjs (fetches news lists, details, and flashes) and scripts/coin.mjs (fetches AI-generated analysis strings).
Boundary markers: Absent. No delimiters or instructions are used to separate untrusted external content from agent instructions.
Capability inventory: Includes full control over crypto trading through ccxt and Freqtrade REST APIs, including the ability to move funds.
Sanitization: Absent. No validation or filtering is performed on the ingested content before it is presented to the agent.

aicoin