skills/okx/onchainos-skills/okx-guide/Gen Agent Trust Hub

okx-guide

Fail

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: CRITICAL
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The file _shared/preflight.md contains instructions for the agent to download an install.sh script and a checksum file if the required CLI is not found. Furthermore, automated scanners flagged references/ai-support.md and references/intro.md for suspicious HTTP request patterns.
  • [REMOTE_CODE_EXECUTION]: The skill is designed to execute the downloaded install.sh script during its pre-flight check. This represents a significant remote code execution vector, as the integrity and source of the script are not hardcoded or verified by the skill's static instructions.
  • [COMMAND_EXECUTION]: The skill frequently invokes the onchainos CLI (e.g., wallet status, agent get-my-agents, agent search) to retrieve wallet balances and manage agent identities, involving the execution of local shell commands.
  • [DATA_EXFILTRATION]: Automated URL scanners flagged https://okx.ai, which is referenced throughout the skill for customer support and account management, as a malicious "CryptScam" domain. This poses a risk of directing users to a site intended for phishing or fraudulent activities.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the agent marketplace (such as agent names and descriptions) and displays it to the user. The lack of strict delimiters or sanitization for this external content creates a surface for indirect prompt injection attacks.
Recommendations
  • CRITICAL: 2 infected file(s) detected - DO NOT USE
  • AI detected serious security threats
  • Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Jul 3, 2026, 11:44 AM