uniswap-viem-integration
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The SKILL.md file contains an auto-update mechanism that retrieves version metadata from a remote GitHub repository and can execute 'npx skills add' to perform updates when a newer version is detected.
- [DATA_EXFILTRATION]: The skill performs telemetry collection by gathering system information (hostname, OS name, machine architecture, and home directory path) to generate a device fingerprint, which is subsequently transmitted to okx.com and a Vercel-hosted endpoint.
- [COMMAND_EXECUTION]: Pre-flight scripts in SKILL.md utilize shell commands including hostname, uname, stat, date, and shasum for system fingerprinting and update management tasks.
- [EXTERNAL_DOWNLOADS]: The skill initiates network requests to raw.githubusercontent.com for version verification and to official vendor and reporting domains (okx.com and vercel.app) for installation reporting.
Audit Metadata