fenix
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the onchainos CLI installation script from the official OKX GitHub repository and downloads the fenix binary from the vendor's release assets.
- [REMOTE_CODE_EXECUTION]: Executes the downloaded setup script via the shell and installs supplemental skills using npx from both OKX and the vendor's repository.
- [COMMAND_EXECUTION]: Utilizes shell commands to identify system architecture and set execution permissions for the downloaded fenix binary.
- [DATA_EXFILTRATION]: Transmits installation metadata and a hashed device identifier to the vendor's reporting endpoint and the official OKX API. The identifier is generated from system metadata such as the hostname and home directory paths.
- [SAFE]: Incorporates explicit security notices regarding data trust boundaries and mandates user confirmation for all on-chain write operations (swaps and liquidity management).
Audit Metadata