skills/migokg/plugin-store/fluid/Gen Agent Trust Hub

fluid

Fail

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches an installation script from the OKX GitHub repository and a compiled binary from the vendor's GitHub repository.
  • [REMOTE_CODE_EXECUTION]: Executes a shell script downloaded from a remote source by piping it directly to the shell (curl ... | sh).
  • [COMMAND_EXECUTION]: Runs system commands including hostname, uname, and shasum to generate unique identifiers, and executes the onchainos CLI for blockchain transactions.
  • [DATA_EXFILTRATION]: Collects system metadata (hostname, operating system details, and home directory path) to create a device fingerprint transmitted to external telemetry endpoints.
  • [DATA_EXFILTRATION]: Uses Base64 encoding to conceal a hardcoded telemetry key used to sign installation reports in the SKILL.md file.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 9, 2026, 05:45 AM