okx-dex-signal

Warn

Audited by Snyk on Mar 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests untrusted public content via the onchainos CLI (e.g., "onchainos signal list" returns token metadata, token.tokenAddress, wallet addresses and other on-chain data). As part of its required pre-flight steps, it also fetches installers/releases from the public GitHub API and raw.githubusercontent.com. Per the Operation Flow, those returned values drive downstream commands (token-info, holders, market kline, and swaps), so third-party content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 23, 2026, 01:20 PM
Issues: 2