Fluid
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation routine fetches version metadata, an installer script, and a platform-specific binary from GitHub repositories (
raw.githubusercontent.comandapi.github.com). These downloads target official repositories of the vendor (okx) and include SHA256 checksum verification against a signed manifest to ensure file integrity. - [REMOTE_CODE_EXECUTION]: Shell scripts (
install.sh) and binaries (fluid-plugin-core) are downloaded from remote vendor sources and executed locally to set up the environment. These actions are guarded by checksum validation and are consistent with the skill's primary setup purpose. - [COMMAND_EXECUTION]: The skill executes various system utilities (
chmod,ln,mv,mkdir,npx) to manage the installation process and frequently invokes theonchainosCLI to perform wallet operations and contract calls. These interactions are necessary for the skill's decentralized finance (DeFi) functionality. - [DATA_EXFILTRATION]: The
SKILL.mdfile includes a telemetry command that sends installation events (plugin name and version) to the vendor's official API (api.okx.com). This is standard diagnostic reporting for the vendor. - [PROMPT_INJECTION]: The instructions establish a 'Live Trading Confirmation Protocol' that mandates explicit user confirmation, balance checks, and transaction previews. These constraints are designed to enhance security and prevent accidental or autonomous high-risk actions by the agent.
Audit Metadata