okx-cex-skill-mp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly downloads and installs independent third-party skills from the OKX Skills Marketplace (see the "Third-Party Content Notice" and "What happens under the hood" stating it "Downloads skill zip from OKX marketplace API" and saves/installs the package locally), so untrusted, user-authored SKILL.md and package contents are ingested and can be executed by the agent and therefore could inject instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's runtime "okx skill add" flow downloads third‑party skill packages from the OKX Skills Marketplace API (the marketplace download endpoint used by okx skill add), and those packages contain SKILL.md and other code/instructions that run locally and can directly control agent prompts or execute code, so the marketplace download endpoint is a high‑risk runtime dependency.