digift-plugin
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches update metadata and installation components from the author's official GitHub repositories (e.g., okx/plugin-store). These downloads are used for version checking and component installation.
- [REMOTE_CODE_EXECUTION]: The skill automates the installation of the onchainos CLI and the digift package. To mitigate risks associated with remote execution, it verifies the SHA256 checksum of the installer script and package assets against known-good values before execution or installation.
- [CREDENTIALS_UNSAFE]: A DigiFT API key is required for operation. The skill correctly instructs the user to provide this via the
DIGIFT_API_KEYenvironment variable and includes logic in the API client to ensure the key is only transmitted to authorized digift.io subdomains, preventing exfiltration to untrusted hosts. - [PROMPT_INJECTION]: The skill processes external data from the DigiFT REST API, representing a potential indirect prompt injection surface.
- Ingestion points: API responses for products, prices, and orders in
runtime/src/api.ts. - Boundary markers: None present in the prompt interpolation logic.
- Capability inventory: Transaction building and balance queries across
runtime/src/cli.tsandruntime/src/contract.ts. - Sanitization: Financial data and parameters are rigorously validated and converted to BigInt using
ethers.parseUnits, significantly reducing the risk of data-driven exploits.
Audit Metadata