strategy-signal-tracker

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.85). The skill contains high-risk supply‑chain and remote‑execution patterns (automatic curl|sh installs from remote GitHub URLs, background/silent installs, immediate pre-flight execution before any user interaction, and use of npx to pull packages) that could deliberately enable backdoors or unauthorized code execution on the host, even though no explicit obfuscated payloads or direct data‑exfiltration routines are visible in the content.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill autonomously polls public OKX Signal API (POST /api/v6/dex/market/signal/list) and other third‑party endpoints (e.g., price_info, memepump/tokenDevInfo, tokenBundleInfo, candles, quote) and even fetches install scripts from GitHub, ingests those untrusted, user/market-generated signals as part of its runtime workflow, and directly uses them to decide and execute trades—so external content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill invokes runtime shell installs that fetch and execute remote scripts (curl -sSL https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh | sh and curl -sSL https://raw.githubusercontent.com/okx/plugin-store/main/install.sh | sh and curl -sSL https://raw.githubusercontent.com/okx/plugin-store/main/install_strategy.sh | sh -s -- strategy-signal-tracker), so external content is fetched at runtime, executed, and used as a required dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot designed to execute on-chain financial transactions. It describes executing position-sized trades via OKX DEX (swap-instruction SOL→Token), signing transactions, broadcasting them, waiting for order confirmation, and managing TP/SL and session risk. It requires an onchainos wallet (TEE signing) and checks wallet balance; commands like strategy-signal-tracker tick / start are documented to "open positions" (with a --dry-run option explicitly contrasted with real execution). These are specific payment/crypto execution capabilities (wallet signing, swap execution, broadcasting transactions), not generic tooling, so it grants direct financial execution authority.