gate-exchange-alpha
Warn
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches the `gate-cli` binary from the vendor's GitHub repository and retrieves external runtime instructions from a remote markdown file hosted on GitHub. While these resources originate from the vendor's infrastructure, they constitute external dependencies that are loaded and interpreted at runtime.
- [COMMAND_EXECUTION]: The `setup.sh` script contains logic to perform a privileged installation using `sudo` if user-local installation directories are not available. This represents a privilege escalation vector that requires user oversight during execution.
- [REMOTE_CODE_EXECUTION]: The skill is designed to download, install, and then execute an external binary (`gate-cli`). This behavior is the primary mechanism for the skill's functionality but involves the execution of code not distributed directly within the skill package.
- [DATA_INGESTION_VULNERABILITY]: The skill processes untrusted external data from the exchange (such as market tickers, transaction history, and currency names) and provides the agent with write capabilities (placing orders).
  - Ingestion points: `gate-cli cex alpha account balances`, `market tickers`, and `account book` outputs.
  - Boundary markers: None present in the instructions to delimit external data from commands.
  - Capability inventory: Includes the ability to place financial orders and execute shell commands.
  - Sanitization: There are no explicit sanitization or validation steps for the content returned by the external API before it is processed by the agent.
Audit Metadata