okx-agent-task
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
_shared/preflight.mdfile contains instructions to fetch the latest stable version of theonchainostool and download installation scripts fromhttps://github.com/okx/onchainos-skills. This is a standard update mechanism for the vendor's tooling. - [REMOTE_CODE_EXECUTION]: During the pre-flight environment check, the skill downloads and executes an installation script (
install.shorinstall.ps1) from the author's official GitHub repository to manage theonchainosbinary. - [COMMAND_EXECUTION]: The skill's activation logic in
SKILL.mdinvolves executing scripts returned by theonchainos agent next-actioncommand. This is the primary mechanism for the agent to perform task-related operations. - [SAFE]: The skill contains comprehensive safety guidelines in
user-sub-playbook.mdandreferences/evaluator-decision-rubric.md(Dangerous-Instruction Gate and Behavioral constraints). These instructions explicitly forbid the agent from following shell commands, reading local files, or querying sensitive information if they are embedded in untrusted peer messages or task materials, mitigating indirect prompt injection risks.
Audit Metadata