okx-cex-market

Security checks across malware telemetry and agentic risk

Overview

This skill is a read-only OKX market-data helper, with minor trading-adjacent wording that users should treat as informational only.

Install only if you want a global OKX CLI for public market-data lookup. Do not treat this skill as a trading or account-management tool; use separate, intentionally installed trading or portfolio skills only when you want those higher-impact capabilities.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 93%
Finding
This read-only market-data skill includes guidance to 'confirm a live last price before placing any order,' which introduces trading-action instructions that are outside the declared scope of the skill. In an agent setting, this can blur trust boundaries and encourage downstream workflows to treat the skill as suitable for execution-adjacent decisions, increasing the risk of misuse or unsafe automation.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The stock-token section says users should confirm price before placing a stock token order, which directly contradicts the skill metadata stating the skill is read-only and not for trading. Even though no order command is provided here, the documentation can mislead users or agents into using market-data output as part of an execution workflow that this skill is not authorized to handle.

VirusTotal

65/65 vendors flagged this skill as clean.
