stablecoin-risk-check

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill performs periodic version checks by fetching a YAML configuration file from the official OKX plugin store repository on GitHub.
      • Evidence: curl -sf --max-time 3 "https://raw.githubusercontent.com/okx/plugin-store/main/skills/stablecoin-risk-check/plugin.yaml" in SKILL.md.
  • [COMMAND_EXECUTION]: A pre-flight bash script is defined in the skill instructions to manage a local update cache and automate the update process.
      • Evidence: The script uses standard shell utilities such as stat, date, mkdir, and cat to manage the $HOME/.plugin-store/update-cache directory.
  • [REMOTE_CODE_EXECUTION]: The skill can trigger a global update of its own code using the npx skills utility from the vendor's trusted repository.
      • Evidence: npx skills add okx/plugin-store --skill stablecoin-risk-check --yes --global in SKILL.md.
  • [SAFE]: The skill includes an 'External Data Boundary' section that explicitly instructs the AI agent to treat data from the Barker API as untrusted and to avoid executing any embedded instructions, effectively mitigating indirect prompt injection risks.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 05:30 AM