Skills
skills/okx/onchainos-skills/okx-security/Gen Agent Trust Hub

okx-security

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Downloads and executes setup scripts from the official OKX GitHub repository to manage the onchainos CLI installation.
  • [EXTERNAL_DOWNLOADS]: Fetches software updates, release tags, and binary checksums from GitHub for integrity verification.
  • [COMMAND_EXECUTION]: Executes the onchainos CLI tool to perform security audits and utilizes the system Keychain for secure credential management.
  • [PROMPT_INJECTION]: Operates on untrusted blockchain data and token metadata, which presents an indirect prompt injection surface. This is mitigated by the skill's primary focus on security validation and risk reporting.
  • Ingestion points: Results from balance and portfolio commands (references/risk-token-detection.md).
  • Boundary markers: Not specified.
  • Capability inventory: Runs CLI-based security analysis commands.
  • Sanitization: Relies on internal CLI validation logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 12:24 PM