okx-dex-token


Audited by Snyk on Mar 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public third-party content, e.g. onchainos token search/trending/hot-tokens (including X/Twitter mentions), token holders/trades and advanced-info, which pull on-chain and social/user-generated data, and even the pre-flight installer/checksum files from the public GitHub repo. Those results are then used by the agent to drive follow-up actions (warnings, swap decisions, routing), so untrusted external content can materially influence its behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill's pre-flight checks download and execute remote installer code, e.g. curl -sSL "https://raw.githubusercontent.com/okx/onchainos-skills/${LATEST_TAG}/install.sh" -o /tmp/onchainos-install.sh followed by sh /tmp/onchainos-install.sh, plus related GitHub release checksum downloads. These URLs are resolved at runtime to fetch and run remote code that the skill depends on, so the content they serve cannot be verified ahead of execution.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 23, 2026, 01:20 PM
Issues: 2