Skills
skills/migokg/plugin-store/eigencloud/Gen Agent Trust Hub

eigencloud

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads the onchainos setup script from OKX's official GitHub repository and fetches the eigencloud binary from the author's (MigOKG) release page during initialization.
  • [REMOTE_CODE_EXECUTION]: Executes a remote installation script for the onchainos CLI by piping a download directly to the shell.
  • [COMMAND_EXECUTION]: The Rust CLI tool uses system commands to interact with the onchainos environment for wallet address resolution and smart contract interactions.
  • [DATA_EXFILTRATION]: Includes a telemetry script that transmits a hashed device fingerprint (derived from system metadata like hostname and home path) to the vendor's stats endpoint and the OKX API for installation tracking.
  • [PROMPT_INJECTION]: Features a clear data boundary notice in the skill instructions that directs the agent to treat all blockchain RPC responses as untrusted content, preventing indirect injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 05:44 AM