okx-ai-guide
Fail
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: CRITICALPROMPT_INJECTIONSAFE
Full Analysis
- [SAFE]: The skill utilizes a platform detection script (
detect_harnessinSKILL.md) and vendor-specific command-line tools (onchainos) to identify the runtime environment and query user status. These operations are standard for the skill's stated purpose.- [PROMPT_INJECTION]: The skill ingests external data fromagent get-my-agentsandagent task-in-progress(ingestion points inSKILL.mdandreferences/registered-home.md). Analysis confirms that boundary markers are absent. However, the skill implements sanitization by explicitly instructing the agent not to render free-text fields such asdescriptionorprofileDescription(inreferences/intro.mdandreferences/registered-home.md). The capability inventory includes read-only CLI calls (onchainos agent task-in-progress,onchainos agent search) with no dangerous command interpolation detected.- [SAFE]: Automated scanner alerts for the domainokx.aiand associated documentation links were evaluated. These are verified vendor resources belonging to the skill's author and represent legitimate product functionality rather than malicious behavior.
Recommendations
- CRITICAL: 1 infected file(s) detected - DO NOT USE
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata