The Agent Skills Directory

[SAFE]: The skill is a legitimate integration for Binance's Portfolio Margin API and adheres to security best practices for agent-based trading tools.\n- [EXTERNAL_DOWNLOADS]: The skill communicates with official Binance domains (papi.binance.com and testnet.binancefuture.com). These are recognized as trusted vendor resources for the author 'binance' and do not constitute unauthorized data exfiltration.\n- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection via API responses and user-provided files. Ingestion points: API response payloads and credential input files. Boundary markers: Uses structured formatting in configuration files. Capability inventory: authenticated network requests (POST, DELETE, PUT) and file-write access to TOOLS.md. Sanitization: Enforces mandatory masking of API secrets and requires explicit 'CONFIRM' commands from the user for mainnet transactions, mitigating risks of automated malicious execution.\n- [CREDENTIALS_UNSAFE]: The skill handles Binance API credentials but follows a secure pattern by avoiding hardcoded secrets. It establishes a protocol for storage in a local configuration file and enforces strict masking rules to prevent the agent from displaying full secrets in logs or responses.

derivatives-trading-portfolio-margin