okx-dex
v1.0.0
OKX DEX aggregator (v6). Get swap quotes, swap/approve tx data, tokens, and chains.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md and scripts clearly implement an OKX DEX aggregator (requests to https://web3.okx.com, HMAC signing, swap/quote/approve endpoints), which is consistent with the declared purpose. However the registry metadata claims no required environment variables or primary credential while the runtime instructions require OKX API credentials — an inconsistency between declared metadata and actual capability.
Instruction Scope
The runtime instructions and provided test script confine network access to the OKX API base URL and only use curl/jq/python3, which is appropriate for the stated purpose. However there are multiple inconsistencies/bugs in the instructions: several Python signing snippets reference a different env var name (SECRET_KEY) than the documented OKX_SECRET_KEY, and some f-string usages rely on shell expansion in a way that is brittle. These mismatches could cause accidental misuse of the wrong environment variable or failed requests.
Install Mechanism
This is an instruction-only skill (no install spec that downloads/executes remote code). The only required binaries are curl, jq, and python3 — reasonable for the provided shell + python examples and lower risk than arbitrary downloads.
Credentials
The skill legitimately needs OKX_API_KEY, OKX_SECRET_KEY (secret), and OKX_PASSPHRASE to sign API calls, which is proportionate for a DEX aggregator. The problem: the registry metadata lists no required env vars / no primary credential, so the manifest underreports sensitive requirements. Also some code snippets refer to SECRET_KEY instead of OKX_SECRET_KEY, increasing the chance of misconfiguration or accidental use of a differently named secret.
Persistence & Privilege
The skill is flagged always: true which forces it to be included in every agent run. A DEX aggregator does not normally require permanent inclusion; 'always' increases the blast radius if the skill or its environment has issues. Autonomous invocation (disable-model-invocation: false) is the platform default and not itself flagged, but combined with always:true and the requirement for API secrets it raises additional risk.
What to consider before installing
This skill appears to implement a genuine OKX DEX API client, but there are important red flags you should address before installing: (1) The repository/registry metadata does NOT declare the three required secrets although SKILL.md and scripts do — verify the publisher and the provenance. (2) The SKILL.md contains inconsistent variable names (SECRET_KEY vs OKX_SECRET_KEY) and brittle signing snippets; test in a safe environment first. (3) The skill is configured 'always: true' which forces it into every agent session — remove or question this unless you need it always available. If you proceed, only provide API keys with minimal permissions, consider creating a dedicated OKX key you can revoke, and monitor/rotate keys after initial use. If the publisher cannot explain the metadata mismatches and justify always:true, treat the package as untrusted.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97byr9vf3xckdk2wqbqg7kyyh80kcy8
Runtime requirements
🧭 Clawdis
Bins: curl, jq, python3
