top-rank-tokens-sniper
Fail
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill source code and documentation promote the installation of the onchainos CLI by piping a remote script directly to a shell:
curl -fsSL https://onchainos.com/install.sh | bash. This installation method is inherently risky as it executes remote code without local integrity verification or package management controls. - [COMMAND_EXECUTION]: The core scripts
ranking_sniper.pyandrisk_check.pyutilizesubprocess.run()to interact with the local operating system via the onchainos CLI. This allows the agent to execute sensitive blockchain operations, manage wallet assets, and conduct trades. - [PROMPT_INJECTION]: The skill ingests untrusted data from the Solana blockchain and the OKX leaderboard (token symbols, names, and tags) to perform filtering and scoring. This creates an indirect prompt injection surface. Ingestion points: Data enters via
get_ranking(),get_advanced(), andget_holders()inranking_sniper.py. Boundary markers: Absent; there are no instructions to the agent to ignore embedded commands in token metadata. Capability inventory: The skill can execute local CLI commands, write to configuration files, and manage financial transactions. Sanitization: Numeric values are validated, but token strings and metadata are used directly in logs and momentum scoring logic.
Recommendations
- HIGH: Downloads and executes remote code from: https://onchainos.com/install.sh - DO NOT USE without thorough review
Audit Metadata