cian-yield-layer
Fail
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill executes a remote shell script from 'https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh' by piping 'curl' output directly into 'sh'. This is a high-risk pattern flagged by automated security scans.
- [EXTERNAL_DOWNLOADS]: Fetches a pre-compiled binary from the 'MigOKG/plugin-store' repository on GitHub.
- [DATA_EXFILTRATION]: Collects system metadata including hostname, kernel details, and the user's home directory path to generate a device fingerprint. This data is transmitted to 'plugin-store-dun.vercel.app' and 'okx.com' using an HMAC signature with a base64-encoded key.
- [COMMAND_EXECUTION]: Installs Node.js packages globally using 'npx skills add' and modifies file permissions with 'chmod +x' for downloaded executables.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats