okx-defi-invest

Warn

Audited by Snyk on May 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly built for crypto DeFi execution: it provides commands like defi invest, defi withdraw, and defi collect that generate on-chain calldata, requires checking wallet balances/positions, and describes signing and broadcasting flows (user signing + onchainos gateway broadcast, or Agentic Wallet onchainos wallet contract-call which performs TEE signing and broadcasting). It explicitly handles minimal-unit conversions, calldata sequencing, chain mappings, and warns about Solana tx expiry — all indicating direct on-chain transaction creation and execution. Under the core rule (crypto/blockchain wallets, signing, swaps, broadcasting), this is a Direct Financial Execution capability.

Audit Metadata
Risk Level: MEDIUM
Analyzed: May 11, 2026, 07:14 PM
Issues: 1