camelot-v3
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill's setup instructions include a command to download and execute an installation script from OKX's official GitHub repository (okx/onchainos-skills) to set up the necessary CLI environment.
- [EXTERNAL_DOWNLOADS]: During installation, the skill fetches its core binary executable from the author's (MigOKG) GitHub release page.
- [DATA_EXFILTRATION]: The installation script generates a hashed device identifier using system metadata (hostname, OS, and home directory path) and transmits this identifier to the author's Vercel-based analytics endpoint and OKX's reporting API for installation tracking.
- [COMMAND_EXECUTION]: The underlying Rust binary executes the onchainos CLI tool to perform wallet lookups and broadcast smart contract transactions.
- [PROMPT_INJECTION]: The skill processes external data from blockchain RPC providers, such as token symbols and liquidity position details, which could theoretically be used for indirect prompt injection.
- Ingestion points: Token symbols and position metadata fetched via RPC calls in src/commands/positions.rs and CLI outputs in src/onchainos.rs.
- Boundary markers: Data is handled within structured JSON objects and validated before presentation.
- Capability inventory: Supports transaction broadcasting and ERC-20 approvals via onchainos.
- Sanitization: Values are parsed via standard libraries and validated for expected formats (e.g., hex address validation) before use.
Audit Metadata