dapp-composer
Fail
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to download and execute an external script from an untrusted source using the pattern
curl -sSL https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install.sh | sh. This allows for arbitrary code execution on the host system without prior inspection, which is a critical vulnerability. - [CREDENTIALS_UNSAFE]: The skill requests that the user provide highly sensitive secrets, specifically
EVM_PRIVATE_KEYandSOL_PRIVATE_KEY, as environment variables. This creates a severe risk of asset theft if the associated third-party tools or the installation script are malicious. - [COMMAND_EXECUTION]: The skill relies on the execution of multiple CLI commands from the
plugin-storeutility, which is installed via the aforementioned untrusted remote script. - [METADATA_POISONING]: The skill's YAML frontmatter claims the author is 'okx' and points to an official homepage, while the installation resources are hosted on a personal GitHub account ('purong-huang-1121'). This discrepancy indicates potential impersonation or deception regarding the skill's origin.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata