The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill performs automated installation and updates by downloading an installer script (install.sh or install.ps1) from the OKX GitHub repository and executing it locally. This process includes a security mechanism to verify the script's SHA256 checksum against a provided manifest before execution.
[COMMAND_EXECUTION]: Shell commands are utilized to manage the lifecycle of the onchainos binary and to perform operations such as transaction simulation, gas estimation, and broadcasting.
[DATA_EXFILTRATION]: The skill initiates network requests to the GitHub API and raw content domains to retrieve update tags, download the installer, and fetch checksum files. These domains are commonly used for legitimate software distribution.
[CREDENTIALS_UNSAFE]: The skill provides instructional tips that recommend users grant persistent 'Always Allow' access to the system Keychain and suggest storing API keys in .env files. While standard for developer convenience, these practices involve the handling of sensitive credentials.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of raw blockchain transaction data and calldata without explicit sanitization or defensive delimiters.
Ingestion points: Raw transaction hex and base58 data enter via the --signed-tx and --data parameters in the broadcast and simulate commands.
Boundary markers: Absent; the data is passed directly to the CLI tool.
Capability inventory: The skill can perform shell execution and network operations (curl) during its pre-flight and execution phases.
Sanitization: No validation or escaping of the external input data is performed.

okx-onchain-gateway