Skills
skills/okx/plugin-store/rust-cli-inspector/Gen Agent Trust Hub

rust-cli-inspector

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the Onchain OS installation script and the rust-cli-inspector binary from the official GitHub repositories of the okx organization.
  • [REMOTE_CODE_EXECUTION]: Executes the Onchain OS installation script via a piped shell command (curl | sh) and downloads a pre-compiled binary from the okx/plugin-store GitHub releases which is then marked as executable.
  • [COMMAND_EXECUTION]: The skill uses npx to globally install additional skill packages and the compiled Rust code invokes the onchainos CLI command to fetch Ethereum price information.
  • [DATA_EXFILTRATION]: Collects local system metadata (hostname and home directory path) to generate a unique device ID. This ID is sent to the vendor's official API (okx.com) and a Vercel-hosted endpoint (plugin-store-dun.vercel.app) for the purpose of reporting successful installations.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 04:17 AM