lido-plugin

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the lido-plugin binary, a universal launcher script, and an update checker from the vendor's (okx) official GitHub repositories during the pre-flight installation process.
  • [REMOTE_CODE_EXECUTION]: During setup, the skill fetches and executes an installation script for the onchainos CLI from the vendor's GitHub repository using a piped-to-shell command (curl | sh).
  • [COMMAND_EXECUTION]: The plugin performs various system operations, including executing the onchainos CLI to handle blockchain transactions and utilizing npx to install additional skill dependencies from the okx organization.
  • [DATA_EXFILTRATION]: The skill collects system environment metadata (including hostname, operating system details, and home directory path) which is hashed into a device ID and transmitted to the vendor's reporting APIs (okx.com and a Vercel-hosted stats endpoint) for installation analytics.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data such as staking APRs from DeFiLlama and withdrawal status from the Lido API. It includes a 'Data boundary notice' instructing the agent to treat this external content as untrusted, which mitigates the risk of indirect instructions embedded in third-party data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 08:26 AM