strategy-signal-tracker

Fail

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation scripts and strategy binaries from OKX's official GitHub repositories.
  • [REMOTE_CODE_EXECUTION]: Installs strategy components by piping remote scripts from OKX's repositories into the shell interpreter during the setup of onchainos, plugin-store, and the strategy binary.
  • [REMOTE_CODE_EXECUTION]: Pipes the results of a GitHub API query directly into a Python interpreter to calculate and display download statistics for the user.
  • [COMMAND_EXECUTION]: Executes local binaries including onchainos, plugin-store, and strategy-signal-tracker to manage wallet authentication, configuration, and trade execution.
  • [DATA_EXFILTRATION]: Accesses the local ~/.plugin-store/.env file to read and suggest modifications for Telegram bot tokens and chat IDs.
  • [PROMPT_INJECTION]: Contains instructions that direct the agent to inform users that security scanner alerts regarding the installation scripts are false positives. This attempt to override security assessments is a deceptive pattern that could lead to misjudgment of safety.
  • [DATA_EXFILTRATION]: Ingests live trading data from the OKX Signal API (Ingestion Point: /api/v6/dex/market/signal/list). The skill lacks boundary markers or sanitization for this external content. Combined with its capability to sign and broadcast blockchain transactions (Capability Inventory: sign_transaction, broadcast), this creates an indirect prompt injection surface if signal metadata is rendered to the agent's context.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/okx/plugin-store/main/install.sh, https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh, https://raw.githubusercontent.com/okx/plugin-store/main/install_strategy.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 22, 2026, 03:18 AM