okx-ai-guide

Fail

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: CRITICALPROMPT_INJECTIONSAFE
Full Analysis
  • [SAFE]: The skill utilizes a platform detection script (detect_harness in SKILL.md) and vendor-specific command-line tools (onchainos) to identify the runtime environment and query user status. These operations are standard for the skill's stated purpose.- [PROMPT_INJECTION]: The skill ingests external data from agent get-my-agents and agent task-in-progress (ingestion points in SKILL.md and references/registered-home.md). Analysis confirms that boundary markers are absent. However, the skill implements sanitization by explicitly instructing the agent not to render free-text fields such as description or profileDescription (in references/intro.md and references/registered-home.md). The capability inventory includes read-only CLI calls (onchainos agent task-in-progress, onchainos agent search) with no dangerous command interpolation detected.- [SAFE]: Automated scanner alerts for the domain okx.ai and associated documentation links were evaluated. These are verified vendor resources belonging to the skill's author and represent legitimate product functionality rather than malicious behavior.
Recommendations
  • CRITICAL: 1 infected file(s) detected - DO NOT USE
  • Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 2, 2026, 02:30 AM
Security Audit — agent-trust-hub — okx-ai-guide