gate-exchange-trading-copilot
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes untrusted external data from news and social media sources to inform trading decisions. This creates a surface for indirect prompt injection where malicious content in these sources could attempt to influence the agent's actions.
- Ingestion points: External news articles and social media posts retrieved during the analysis phase (e.g., via news_feed_search_news).
- Boundary markers: The skill does not specify the use of delimiters or 'ignore' instructions when processing this external data.
- Capability inventory: The skill possesses high-impact execution capabilities, including the ability to place, amend, and cancel spot and futures orders on Gate Exchange (cex_spot_create_spot_order, cex_fx_create_fx_order).
- Sanitization: No explicit validation or filtering of external data content is documented in the skill's instructions.
- [COMMAND_EXECUTION]: The skill orchestrates trade execution on Gate Exchange using authenticated tools. While this is the primary purpose of the skill, the execution of financial commands is a sensitive capability. The skill mitigates this risk by enforcing a strict workflow: it must produce a 'Trading Brief' and an 'Order Draft', and then wait for explicit, immediate confirmation from the user before calling any execution tools.
Audit Metadata