bingx-standard-trade

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires calling fetchSigned with an apiKey and secretKey and performs HMAC signing and header injection, which implicitly requires the agent to obtain and embed secret credential values (or echo them into generated requests/code), creating an exfiltration risk.