okx-dex-swap
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads installer scripts and platform-specific binaries from the author's official GitHub repository (okx/onchainos-skills). These are vendor-owned resources used for the skill's primary functionality.
- [REMOTE_CODE_EXECUTION]: The skill executes a downloaded shell script to install the
onchainosCLI tool. This process is protected by mandatory SHA256 checksum verification against hardcoded hashes within the skill instructions to prevent the execution of tampered code. - [COMMAND_EXECUTION]: The skill uses a custom CLI tool to interact with decentralized exchange aggregators. It enforces strict security rules including mandatory user confirmation and safety checks for honeypots and high price impact for all trade-related operations.
- [PROMPT_INJECTION]: The skill mitigates the risk of indirect prompt injection from external blockchain data (such as token names or metadata). It explicitly instructs the agent to treat all data returned by the CLI as untrusted external content and not to interpret it as instructions. Ingestion points: CLI output. Boundary markers: Explicit agent warnings. Capability inventory: Token swap and approval commands. Sanitization: Instruction to ignore data-embedded commands.
Audit Metadata