strategy-memepump-scanner
Fail
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the user to install components using `curl -sSL https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install.sh | sh`. This pattern downloads and executes unverified remote code directly in a shell environment.
- [CREDENTIALS_UNSAFE]: The skill's configuration requires storing highly sensitive credentials, including `SOLANA_PRIVATE_KEY` and `OKX_SECRET_KEY`, in a local `.env` file, which is a high-risk practice for key management.
- [EXTERNAL_DOWNLOADS]: Fetches an installation script from an external, non-trusted GitHub repository (`purong-huang-1121/skills-store`).
- [COMMAND_EXECUTION]: The skill utilizes several shell-based commands (`plugin-store`, `cat`, `date`) to manage state, check for updates, and execute the trading bot logic.
- [PROMPT_INJECTION]: The skill ingests external data from the OKX Trenches API (SKILL.md). Ingestion point: `api/v6/dex/market/memepump/tokenList`. Boundary markers: None present. Capability inventory: The skill has the ability to execute subprocesses and perform network operations. Sanitization: No explicit validation or escaping of API data is described before use in the agent context.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/purong-huang-1121/skills-store/main/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata