okx-dex

Result: Pass

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for an OKX DEX API helper, but users should be aware that it requires OKX API credentials and that it produces swap and approval transaction payloads which must be reviewed before signing.

Read the credential setup and transaction examples before installing. Use a limited OKX API key, keep secrets out of prompts and files, validate all token and wallet addresses, and never sign swap or approval transactions until your wallet confirms the intended chain, spender, amount, recipient, and slippage.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user who signs generated transaction data without checking it could swap funds under unexpected parameters.

Why it was flagged

The script requests swap transaction data from OKX. This fits the skill's purpose, but swap transaction payloads are financially sensitive if a user later signs or broadcasts them.

Skill content

echo "4) Swap Transaction" ... "/api/v6/dex/aggregator/swap?...&amount=500000000000000000&swapMode=exactIn&slippagePercent=0.01&userWalletAddress=0xaa4e09ab283e207bd7171d924db2dda49315637b"

Recommendation

Review chain, token addresses, wallet address, amount, slippage, router, recipient, and transaction target in a trusted wallet before signing; do not treat generated transaction data as automatically safe.

What this means

If a user signs an approval transaction without checking spender and amount, they may grant unwanted token allowance.

Why it was flagged

The skill can request token approval transaction data. This is expected for DEX workflows, but approvals can grant token-spending rights if later signed.

Skill content

echo "5) Approval Transaction (with approve target)" ... "/api/v6/dex/aggregator/approve-transaction?chainIndex=1&tokenContractAddress=0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48&approveAmount=1000000000"

Recommendation

Confirm the approval spender, token contract, amount, and chain in the wallet UI before signing, and prefer minimal allowances.

What this means

The agent environment will need access to OKX API credentials to run these examples.

Why it was flagged

The skill requires OKX API credentials. This is expected for the OKX API, but the registry metadata lists no required environment variables and no primary credential, so users may not notice the credential requirement until they read the docs.

Skill content

| `OKX_API_KEY` | OKX API key | Yes | ... | `OKX_SECRET_KEY` | OKX API secret | Yes | ... | `OKX_PASSPHRASE` | OKX API passphrase | Yes |

Recommendation

Use least-privilege OKX API credentials, store them as environment variables or secrets rather than in prompts or files, and rotate them if exposed.

What this means

Package metadata may not accurately describe the reviewed file set.

Why it was flagged

The embedded metadata version differs from the registry version 1.0.0, lists a LICENSE file that is not present in the supplied manifest, and omits the included scripts/test_okx.sh. This appears to be a packaging/provenance inconsistency rather than malicious behavior.

Skill content

"version": "2.0.0", "files": [ "SKILL.md", "README.md", "LICENSE" ]

Recommendation

Verify the installed package contents and prefer a source repository or release process with consistent versioning and file manifests.

What this means

Unsafe customization of the helper could let malformed query values affect generated Python code.

Why it was flagged

The helper interpolates shell variables into a Python heredoc used for request signing. In the provided script the calls use fixed query strings, but reusing this pattern with unvalidated, user-controlled parameters would create a code-injection risk, since the interpolated text becomes Python source.

Skill content

python3 - <<PY
import hmac, hashlib, base64, os
msg = f"${TIMESTAMP}${METHOD}${PATH_WITH_QUERY}"

Recommendation

Keep chain IDs, token addresses, wallet addresses, and amounts strictly validated, and prefer passing values to Python through environment variables or command-line arguments rather than interpolating them into source.