morpho-base
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches an installation script from OKX's official GitHub repository and a pre-compiled plugin binary from the vendor's repository.
- [REMOTE_CODE_EXECUTION]: Executes a setup script from OKX, a well-known service provider, during the installation phase to configure the environment.
- [DATA_EXFILTRATION]: Performs installation reporting by collecting system metadata such as hostname, platform, and the user's home directory path. This information is hashed locally into a non-reversible identifier before being sent to well-known service endpoints for telemetry purposes.
- [PROMPT_INJECTION]: The skill ingests data from external GraphQL APIs and on-chain calls, which could theoretically contain malicious instructions. This risk is mitigated by explicit security guidelines in the skill instructions and a requirement for manual user confirmation for all transaction-signing operations.
- Ingestion points: External data enters the agent context through GraphQL queries in
src/api.rsand JSON-RPCeth_callresults insrc/rpc.rs. - Boundary markers: The
SKILL.mdfile contains a 'Security Notices' section that explicitly instructs the agent to treat data from the CLI as untrusted external content. - Capability inventory: The skill possesses the ability to execute shell commands via the
onchainosCLI for wallet interactions and contract calls, as seen insrc/onchainos.rs. - Sanitization: Implements strict parsing for token amounts and manual construction of ABI-encoded calldata, ensuring external strings are never directly used as executable instructions.
Audit Metadata