gate-dex-market

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: Hardcoded API keys and secrets are present in SKILL.md and references/openapi.md (e.g., '7RAYBKMG5MNMKK7LN6YGCO5UDI'). While labeled as public default credentials, their presence in the source code poses a risk if used improperly.
  • [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands to manage directories and configuration files, including the use of 'chmod' to modify file permissions. It also utilizes dynamic code execution via terminal one-liners (e.g., 'python3 -c') to handle HMAC-SHA256 signature logic.
  • [PROMPT_INJECTION]: The skill contains 'mandatory' instructions designed to override agent behavior, such as 'Step 0 — Environment Detection (Mandatory, must execute on every trigger)', which constrains the agent's operational autonomy.
  • [EXTERNAL_DOWNLOADS]: The skill requires network access to openapi.gateweb3.cc to function. It specifically instructs the agent to modify the 'sandbox.json' configuration to permit outbound traffic to this domain, effectively altering the security boundaries of the AI platform environment.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 14, 2026, 04:35 AM