gate-exchange-dual
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of binary executables from the official vendor repository on GitHub (github.com/gate/gate-cli) during installation.
- [COMMAND_EXECUTION]: The skill includes a setup script (setup.sh) that manages the installation of the gate-cli binary. The script attempts a local installation first but utilizes 'sudo install' as a fallback for system-wide installation to /usr/local/bin.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data from external API responses (investment plans and orders) and reflects them in the agent's context. 1. Ingestion points: 'gate-cli cex earn dual plans' and 'gate-cli cex earn dual orders' (as documented in product-query.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are used when presenting API data. 3. Capability inventory: The skill can perform mutating actions such as placing orders via 'gate-cli cex earn dual place'. 4. Sanitization: No data sanitization or validation of the API-returned content is specified before presentation to the user.
Audit Metadata