Skills
skills/obcraft/apiosk-skill/apiosk-gateway/Gen Agent Trust Hub

apiosk-gateway

Fail

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The setup-wallet.sh script generates an Ethereum private key and stores it in plaintext at ~/.apiosk/wallet.json. Although the script applies chmod 600 to the file, plaintext storage of private keys is a high-risk practice for agent environments.
  • [REMOTE_CODE_EXECUTION]: Multiple files including README.md, SECURITY.md, and setup-wallet.sh recommend installing the Foundry toolkit using the command curl -L https://foundry.paradigm.xyz | bash. This pattern executes remote code directly in the shell without prior integrity verification.
  • [COMMAND_EXECUTION]: Several shell scripts (setup-wallet.sh, call-api.sh, check-balance.sh, usage-stats.sh) execute system commands including curl, jq, cast, and bc. Specifically, setup-wallet.sh invokes cast wallet new to generate cryptographic material.
  • [EXTERNAL_DOWNLOADS]: The skill makes frequent network requests to gateway.apiosk.com for API discovery, balance checks, and usage statistics, as seen in apiosk-client.js and apiosk_client.py.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external JSON data from the Apiosk gateway and various third-party APIs through the call-api.sh and client libraries. There are no explicit sanitization or boundary markers mentioned for the ingested data.
Recommendations
  • HIGH: Downloads and executes remote code from: https://foundry.paradigm.xyz - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 26, 2026, 07:36 PM