From cdcx-cli
Defines progressive autonomy levels for CDCX MCP agents, from read-only market observation to fully autonomous trading with safety tiers for mutate/dangerous tools.
npx claudepluginhub crypto-com/cdcx-cli --plugin cdcx-cliThis skill uses the workspace's default tool permissions.
Agents should operate at the lowest autonomy level that accomplishes their task. Each level upward trades human oversight for agent independence.
Guides progression from read-only Kraken market analysis to fully autonomous trading agent via four incremental risk levels with safeguards.
Provides design patterns for autonomous coding agents: agent loops, tool calling APIs, permissions, browser automation, human-in-the-loop workflows. Python examples included.
Integrates OpenAI Agents SDK with You.com MCP server via hosted or streamable HTTP for Python and TypeScript. Use when adding MCP tools to OpenAI agents.
Share bugs, ideas, or general feedback.
Agents should operate at the lowest autonomy level that accomplishes their task. Each level upward trades human oversight for agent independence.
Every cdcx MCP tool is classified into one of four tiers:
| Tier | Agent Behaviour | Example |
|---|---|---|
read | Runs freely, no acknowledgement | cdcx_market_ticker |
sensitive_read | Runs freely, no acknowledgement | cdcx_account_summary |
mutate | Requires acknowledged: true in tool arguments | cdcx_trade_order |
dangerous | Refused unless server was started --allow-dangerous | cdcx_trade_cancel_all, cdcx_funding_withdraw |
Agent can observe the market but cannot touch the account.
cdcx mcp --services market
MCP config:
{"command":"cdcx","args":["mcp","--services","market"]}
Use for: market research agents, price alerts, chart commentary.
Agent can read live market data plus read authenticated account info; any actual trading is paper-only and handled CLI-side (not via MCP).
cdcx mcp --services market,account
Pair the MCP server with shell access to cdcx paper for simulated execution. Paper has no MCP tools; execution stays outside the agent's tool surface.
Use for: strategy research with real account context, backtest harnesses.
Agent can place and cancel real orders, but every mutation requires explicit acknowledgement from the host application (human-in-the-loop).
cdcx mcp --services market,account,trade,advanced
The agent calls cdcx_trade_order; the host MUST echo the intent to the human and only pass acknowledged: true once approved. Dangerous tools (cancel-all, withdraw) are refused at the server since --allow-dangerous is not set.
Use for: semi-automated trading with human oversight, production with guardrails.
Agent executes anything without per-call confirmation. Dangerous tier is available.
cdcx mcp --services market,account,trade,advanced,funding --allow-dangerous
Even at level 3, mutate tools still require acknowledged: true in the tool arguments — but an autonomous agent will pass it automatically without a human prompt. --allow-dangerous additionally unlocks cancel-all and withdrawals.
Use for: fully automated strategies with external risk controls (position limits, drawdown circuit breakers, monitoring alerts). Rare in production.
| From → To | Requirement |
|---|---|
| 0 → 1 | Agent correctly interprets market data, no hallucinated instruments |
| 1 → 2 | Strategy is profitable or sound on paper; agent handles API errors gracefully |
| 2 → 3 | Agent has operated supervised without unexpected actions for a meaningful period |
Valid MCP service groups: market, account, trade, advanced, margin, staking, funding, fiat, otc, stream, all.
account also exposes history (orders/trades/transactions)funding maps to the wallet CLI group (deposit/withdraw/networks)paper is not an MCP group — paper trading is CLI-onlyall includes everything abovefunding withdraw) should only be unlocked at Level 3 and only with --allow-dangerous; they are the highest-risk action available--allow-dangerous only affects the dangerous tier. Mutate tools always need acknowledged: true regardless