@349/okx-onchainos-suite

SUSPICIOUS. The skill’s purpose and capabilities mostly align for a wallet agent, and the installer path is same-org and checksum-verified. However, it is inherently high risk because it lets an AI agent authenticate a wallet, handle sensitive credentials, and execute irreversible on-chain transfers and contract calls; cross-skill routing further broadens trust. This is not confirmed malware, but it is a high-risk financial-action skill.

The skill’s stated purpose is coherent with OKX OnchainOS workflows, so this does not look like confirmed malware. However, it requires an unverifiable external `onchainos` CLI and sends high-value OKX credentials to that binary, which triggers a high-risk classification under the dependency and credential-forwarding rules. Overall verdict: SUSPICIOUS/HIGH RISK due to opaque external execution and credential trust, not due to purpose mismatch.

SUSPICIOUS: the skill is purpose-aligned and uses same-org distribution paths, but it grants an AI agent the ability to approve and execute cryptocurrency trades, including optional automated mode. That real-world transaction capability makes the overall risk high even without clear evidence of malicious intent or hidden exfiltration.

SUSPICIOUS. The main memecoin research capability aligns with the stated purpose, and the installer source is same-org OKX GitHub with checksum verification, which lowers concern. But the skill still relies on remote script execution, expands into transitive wallet/swap workflows with real financial impact, and processes untrusted external token content while having command execution capability. No direct credential theft or clear malicious exfiltration is evident.