gate-exchange-marketanalysis
Warn
Audited by Snyk on Apr 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests public Gate exchange market data (e.g., cex_spot_get_spot_order_book, cex_spot_get_spot_trades, cex_fx_get_fx_order_book, cex_fx_get_fx_candlesticks) as required by SKILL.md and references/scenarios.md — these are third‑party, user‑generated order/trade feeds the agent must read and which directly drive analysis and recommendations, so they could indirectly inject misleading instructions via market data.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent at runtime to "MUST read and strictly follow the shared runtime rules" and directs it to https://github.com/gate/gate-skills/blob/master/skills/gate-runtime-rules.md, which is a required external document whose content directly controls agent behavior and decision-making during execution.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).