oasis-dev
Warn
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute installation commands using
sudoto move the downloaded binary into the system directory/usr/local/bin/during the Oasis CLI setup process. - [EXTERNAL_DOWNLOADS]: The skill downloads binary releases from the official Oasis Protocol GitHub repository and fetches additional documentation and context from an external third-party service at
context7.com. - [DATA_EXFILTRATION]: The skill accesses and manages sensitive files, including password-encrypted wallet files and the Oasis CLI configuration located in
$HOME/.config/oasis/, which is necessary for its primary function but involves data exposure. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: WebFetch, WebSearch, and MCP Context7 fetches from
context7.com(found inSKILL.md). Boundary markers: Absent. Capability inventory: Bash, Write, and Edit tools (found inSKILL.md). Sanitization: Absent.
Audit Metadata