okx-defi-portfolio
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by 'okx' and uses its official domain (web3.okx.com) and proprietary CLI tool ('onchainos'). The behavior is consistent with the stated purpose of portfolio tracking.
- [COMMAND_EXECUTION]: The skill uses local CLI commands ('onchainos defi positions' and 'onchainos defi position-detail') to fetch data. These commands are restricted to read-only operations for viewing balances and holdings.
- [PROMPT_INJECTION]: No malicious injection patterns were found. The skill uses instructional constraints to route users to other specialized skills (e.g., 'okx-defi-invest' for transactions), which is a safety best practice for compartmentalizing agent capabilities.
- [DATA_EXFILTRATION]: No unauthorized network operations or exfiltration patterns detected. The skill processes wallet addresses to query public blockchain state via a trusted local tool.
- [INDIRECT_PROMPT_INJECTION]: The skill has a data ingestion surface where it processes and displays output from external CLI tools.
  - Ingestion points: Data enters the context via the 'onchainos' CLI output (Step 3).
  - Boundary markers: The instructions mandate strict markdown table formatting for displaying data, which provides structural boundaries.
  - Capability inventory: The skill only performs read operations and display tasks; it lacks subprocess execution or file-write capabilities that could be exploited by malicious data.
  - Sanitization: No explicit sanitization is described, but the restricted capability set and structured output requirements mitigate the risk.