coinank-openapi
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Performs a version check by fetching metadata from official GitHub repositories maintained by the okx organization.
- [REMOTE_CODE_EXECUTION]: Downloads and executes an installation script for the onchainos CLI tool. The process includes a mandatory SHA256 checksum verification against a provided checksum file to ensure integrity before execution.
- [COMMAND_EXECUTION]: Utilizes npx to globally add required management skills (onchainos-skills and plugin-store) during the initialization phase.
- [CREDENTIALS_UNSAFE]: Includes explicit security guidelines that instruct the AI agent never to persist or expose private keys or API keys, and to manage sensitive credentials only via secure environment variables.
- [PROMPT_INJECTION]: Contains defensive instructions for the AI agent to stop and obtain explicit user confirmation before applying updates or executing any payment-gated API calls with non-zero amounts.
Audit Metadata