okx-cex-auth

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly runs CLI commands that ingest JSON and URLs from the public OKX service (e.g., okx auth login --manual which returns a verificationUri/userCode and okx auth status --json / okx config show --json), and the agent is required by the SKILL.md workflow to parse those third-party responses and base subsequent actions on them, creating a clear path for indirect prompt injection from external content.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). This skill is explicitly for OKX CEX account authentication and API-key management (okx auth login, okx config init, okx auth status). It targets a cryptocurrency exchange and references exchange-specific scopes (e.g., "live:trade") and wiring of API Key credentials (AK/SK/PP). It is part of the flow that enables trading actions (the routing table points to placing/canceling/amending orders via okx-cex-trade). Although this skill performs authentication rather than sending orders itself, it is specifically designed for crypto exchange access and management of credentials that enable financial transactions. Therefore it qualifies as a direct financial execution capability.