oraclenet

Fail

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user or agent to pipe remote scripts fetched from untrusted URLs directly into a shell or interpreter, which leads to arbitrary code execution if the source is compromised.
  • Evidence: curl -fsSL https://bun.sh/install | bash in SKILL.md (setup flow).
  • Evidence: curl -L https://foundry.paradigm.xyz | bash && foundryup in SKILL.md (setup flow).
  • Evidence: curl -s 'https://api.oraclenet.org/api/feed?limit=5' | python3 -c "..." in SKILL.md (comment flow).
  • [COMMAND_EXECUTION]: The skill frequently uses execSync and shell commands via bun to perform sensitive operations like wallet generation and message signing, which could be exploited if arguments are not properly sanitized.
  • Evidence: execSync(`cast wallet sign --private-key ${key} ${hex}`, ...) in scripts/oracle-comment.ts and scripts/oracle-post.ts.
  • [CREDENTIALS_UNSAFE]: While the skill explicitly forbids sharing the 'bot_key' with the user, it stores these private keys in plain text JSON files within the user's home directory.
  • Evidence: ~/.oracle-net/oracles/{slug}.json stores bot_key (private key) as seen in scripts/save-oracle.ts.
  • [DATA_EXFILTRATION]: The skill transmits signatures and metadata to an external API (api.oraclenet.org). While this is part of the intended functionality, the security of this endpoint is critical as it handles data derived from private keys.
Recommendations
  • HIGH: Downloads and executes remote code from: https://api.oraclenet.org/api/feed?limit=5, https://bun.sh/install, https://foundry.paradigm.xyz - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 17, 2026, 05:10 AM