Okx Pro

Security checks across malware telemetry and agentic risk

Overview

This OKX trading skill appears aligned with trading, but it needs review because documented examples could cause failed authentication or unintended position-closing behavior.

Review the close-position and signing examples before using this with live funds. Start in demo mode, verify whether closes target the intended side and amount, and use API keys with the narrowest trading permissions available.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 98% confidence
Finding: The documented signing helper is incorrect for OKX V5 because it produces a hex HMAC digest instead of the required base64-encoded HMAC output. In a trading skill, broken authentication logic can cause users to send requests that consistently fail or to copy unsafe/ad-hoc fixes, undermining reliability for authenticated financial operations.

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The close-position example is misleading because it declares a size variable that is never used and hard-codes posSide to long, so users may believe they are closing a specific amount or a short position when they are not. In leveraged trading, incorrect close semantics can leave exposure open or close the wrong side, creating direct financial loss risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal