ClawHub

Okx Dex Bridge

Security checks across malware telemetry and agentic risk

Overview

This skill can move real crypto funds, but its high-impact actions are disclosed, purpose-aligned, and guarded by user confirmations and safety checks.

Install only if you intend to let the agent help prepare and submit real cross-chain transactions. Review every token address, chain, amount, route, fee, approval, and destination address before confirming, and be aware that the skill may install or update the onchainos CLI from OKX GitHub releases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The CLI reference for a cross-chain bridge skill includes an example that invokes an unrelated `wallet history` command plus a shell loop and inline Python to poll transaction status. This expands the operational scope from documenting bridge-specific commands into general shell execution patterns, which can normalize unsafe agent behavior and create a path for command-injection or tool-misuse if user-controlled values are later interpolated into similar snippets.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The preflight instructions direct the agent to download files from the network and execute an installer script on the local system before servicing the user. Even though checksum verification is mentioned, this still creates a code-execution path that modifies the host without an explicit user consent step, which is dangerous in an agent skill because the skill content itself is untrusted and could normalize automatic installation behavior.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal