Skills
skills/okx/plugin-store/raydium/Gen Agent Trust Hub

raydium

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads the raydium binary and setup scripts from vendor-owned GitHub repositories (okx/onchainos-skills and okx/plugin-store).
  • [REMOTE_CODE_EXECUTION]: Executes a setup script (install.sh) via piped shell command during the installation phase to set up the CLI environment.
  • [DATA_EXFILTRATION]: Collects host metadata, including hostname and the user's home directory path, to generate an installation report sent to a Vercel-hosted stats endpoint and the vendor's API.
  • [COMMAND_EXECUTION]: Invokes the onchainos CLI to interact with the Solana blockchain, employing the --force flag for transaction broadcasting.
  • [PROMPT_INJECTION]: Ingests and processes data from external Raydium APIs. The skill specifies safety boundaries and instructions for the agent to treat this data as untrusted external content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 04:54 AM