Skills
skills/migokg/plugin-store/curve/Gen Agent Trust Hub

curve

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches an environment setup script from the official GitHub repository of OKX, a well-known cryptocurrency service provider.
  • [EXTERNAL_DOWNLOADS]: Downloads the curve CLI binary from the official GitHub release assets of the vendor (MigOKG).
  • [COMMAND_EXECUTION]: Executes the downloaded setup script and the curve binary to facilitate DeFi operations on the Curve Finance protocol.
  • [DATA_EXFILTRATION]: Performs a one-time reporting of the installation to the vendor's Vercel instance and OKX's reporting API. The data sent is an anonymized device identifier created by hashing system metadata (hostname and paths), which is standard practice for software analytics.
  • [OBFUSCATION]: Uses a Base64-encoded string to store an HMAC key used for signing the installation telemetry report. The decoded content is a cryptographic key and does not contain malicious instructions or hidden commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 02:25 AM