test-ts-cli

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). This is high-risk: it points to a raw .sh installer (curl|sh) which would execute code fetched from a GitHub repo — even if hosted under a known org (okx), running remote shell scripts without inspecting them can deliver malware or unwanted actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Skill pre-flight instructs executing a remote install script (curl -sSL https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh | sh), which fetches and runs remote code to install the required onchainos CLI that the skill relies on.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill tells the agent to run a remote install command (curl ... | sh) to install a CLI and requires ensuring a binary is installed, which instructs modifying the host system and running external code that can change machine state and potentially require elevated privileges.