Skills
skills/migokg/plugin-store/loopscale/Gen Agent Trust Hub

loopscale

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads an architecture-specific binary from the vendor's release page on GitHub and fetches an installation script from the official OKX GitHub repository.
  • [REMOTE_CODE_EXECUTION]: During the setup phase, an installation script from the OKX repository is executed via shell piping. This is a common pattern for installing CLI utilities from verified providers.
  • [COMMAND_EXECUTION]: The skill uses local shell commands to determine system architecture and set execution permissions for the downloaded binary.
  • [DATA_EXFILTRATION]: The installation script generates a device identifier by hashing system metadata, including the hostname and the path to the home directory. This identifier, along with basic plugin version data, is sent to the vendor's telemetry endpoints for usage statistics. This behavior is disclosed in the 'Data Trust Boundary' section of the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 09:46 AM