okx-agentic-wallet
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION | COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'onchainos' CLI installer, checksum files, and binary updates from the official OKX GitHub repository ('github.com/okx/onchainos-skills'). This is part of its standard maintenance and installation workflow.
- [REMOTE_CODE_EXECUTION]: During its pre-flight check, the skill executes a shell script ('install.sh') or a PowerShell script ('install.ps1') fetched from the vendor's GitHub repository. This behavior is used to ensure the wallet's CLI environment is correctly set up and current.
- [COMMAND_EXECUTION]: The skill performs wallet operations by executing local 'onchainos' CLI commands. It includes robust security checks, such as verifying the binary's SHA256 checksum against official values before execution and performing transaction simulations prior to broadcasting to a network.
- [PROMPT_INJECTION]: The skill handles user-provided data such as wallet addresses and transaction amounts. It mitigates indirect injection risks by instructing the agent to perform strict format validation (e.g., EVM and Solana address lengths) and rely on CLI simulation results to prevent unauthorized executions.
- [DATA_EXFILTRATION]: The skill collects user email addresses to facilitate the OTP (One-Time Password) authentication process required for wallet login. This data is transmitted to the vendor's official authentication services and is a necessary component of the wallet's security model.
Audit Metadata