coinank-openapi

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Performs a version check by fetching metadata from official GitHub repositories maintained by the okx organization.
  • [REMOTE_CODE_EXECUTION]: Downloads and executes an installation script for the onchainos CLI tool. The process includes a mandatory SHA256 checksum verification against a provided checksum file to ensure integrity before execution.
  • [COMMAND_EXECUTION]: Utilizes npx to globally add required management skills (onchainos-skills and plugin-store) during the initialization phase.
  • [CREDENTIALS_UNSAFE]: Includes explicit security guidelines that instruct the AI agent never to persist or expose private keys or API keys, and to manage sensitive credentials only via secure environment variables.
  • [PROMPT_INJECTION]: Contains defensive instructions for the AI agent to stop and obtain explicit user confirmation before applying updates or executing any payment-gated API calls with non-zero amounts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:28 AM
Security Audit — agent-trust-hub — coinank-openapi