Skills
skills/migokg/plugin-store/test-python-cli/Gen Agent Trust Hub

test-python-cli

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's documentation (SKILL.md) includes a pre-flight check that instructs the user to download and install a CLI tool using a shell script from a well-known repository (github.com/okx/onchainos-skills). This is a standard installation procedure for the documented tool.
  • [COMMAND_EXECUTION]: The Python script scripts/query_price.py uses subprocess.run to execute the onchainos command-line tool. The arguments passed to this command are hardcoded literals (e.g., 'token', 'price', 'ETH'), which prevents command injection from user-supplied input.
  • [REMOTE_CODE_EXECUTION]: While the skill references a remote installation script, the source is an official repository for the tool being integrated. The execution pattern (curl | sh) is a common deployment method for legitimate CLI utilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 12:47 PM