gate-exchange-trading-copilot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls public news and social UGC feeds (e.g., news_feed_search_news with platform_type="social_ugc" referenced in references/routing-and-analysis.md and scenarios.md) as required parts of its analysis and Trading Brief workflow, so untrusted third-party content is ingested and can materially influence decisioning and tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform cryptocurrency trading on Gate Exchange, including producing order drafts and executing spot buys/sells and USDT perpetual futures (open/close/reverse/amend/cancel), as well as amend/cancel/verification and post-trade management. It references private order/account/position calls (cex_*), requires explicit confirmation but still performs actual trade execution and position management. This is a specific financial execution capability (crypto exchange orders), not a generic tool, so it meets the Direct Financial Execution criteria.