Skills
skills/okx/onchainos-skills/okx-onchain-gateway/Gen Agent Trust Hub

okx-onchain-gateway

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation scripts and release metadata from the vendor's official GitHub repository (okx/onchainos-skills).
  • [REMOTE_CODE_EXECUTION]: Executes vendor-provided installer scripts to manage the local onchainos CLI binary. The skill includes security controls to verify the integrity of the downloaded script using SHA256 checksums before execution.
  • [COMMAND_EXECUTION]: Executes the onchainos CLI to perform blockchain operations like gas estimation and transaction broadcasting.
  • [PROMPT_INJECTION]: The skill processes data from external blockchain nodes. It includes a mandatory evidence chain for indirect prompt injection risk: 1. Ingestion points: External content returned by the CLI (SKILL.md); 2. Boundary markers: Explicit instructions to treat CLI output as untrusted external content (SKILL.md); 3. Capability inventory: Network access and command execution (SKILL.md); 4. Sanitization: Instructions to prevent the agent from interpreting data as instructions (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 06:37 PM