Back to skill

Security audit

OKX Trader

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OKX trading bot, but it can automatically place and cancel real exchange orders on a schedule with live trading as the default.

Install only if you intentionally want an automated OKX trading system. Start with OKX_IS_SIMULATION=true, use a trade-only subaccount API key with withdrawals disabled, verify grid_settings.json sizes and instruments, and enable cron schedules only after you are comfortable with the live order-cancel and order-placement behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README explicitly describes autonomous trading actions that place and cancel exchange orders on a recurring schedule and persist account snapshots locally, but it does not prominently warn that enabling the skill can trigger real external financial transactions and local data writes. In an agent-skill ecosystem, understated disclosure of financial and system-impacting behavior increases the risk of accidental deployment with live credentials or production settings, which can lead to monetary loss, unintended market activity, or exposure of sensitive account data.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The manifest explicitly requires highly sensitive OKX API credentials, but provides no warning about secure handling, storage, transmission, or the risk of granting live-trading permissions. In a trading skill, these secrets can directly enable account access and order placement, so lack of disclosure and guardrails materially increases the chance of accidental exposure or unsafe use.

Missing User Warnings

High
Confidence
96% confidence
Finding
The listed tools and scheduled tasks automate live trading maintenance and account snapshot collection without prominent warnings that they can alter open orders, affect live funds, or expose sensitive financial data. Because the default simulation flag is set to false and the cron templates encourage unattended execution, the skill context makes unintended financial impact and privacy exposure more dangerous.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.