Agentic Wallet exclusive trading competitions. Full lifecycle: discover → view rules → join → trade → check rank → claim reward. Triggers: 'list trading comp...
Security Analysis
high confidenceReview before installing: the skill fits its OKX competition purpose, but it can use a logged-in crypto wallet to register, claim rewards, and sign/broadcast on-chain transactions.
The stated purpose is coherent for trading competitions, but the lifecycle includes financially significant wallet actions such as joining competitions, trading handoff, and claiming rewards.
The skill includes scope limits and intent routing, but the claim flow is described as atomic signing and broadcasting, and the chain-eligibility guidance is hardcoded in a way that can affect trading decisions.
This is instruction-only with no install spec or code files, but it relies on an external onchainos CLI/MCP environment and references a shared preflight file outside the provided manifest.
Use of wallet login, selected account/session data, EVM and Solana addresses, and TEE signing is proportionate to the competition purpose but high-impact enough to require user review.
No background persistence or self-propagation is shown, but the skill relies on an existing logged-in wallet/session and signing capability.
Guidance
This does not show clear malicious behavior, but it is a high-impact crypto wallet skill. Install only if you trust the OKX/onchainos source, use the intended wallet, review every wallet transaction before signing, and verify official competition rules before joining, trading, or claiming rewards.
Latest Release
v3.1.3
okx-growth-competition 3.1.3 - Expanded and clarified competition rules and lifecycle documentation in SKILL.md. - Added explicit, hardcoded guidance for all competitions running on both Solana and the backend-specified EVM chain. - Strengthened output structure: all user-facing responses must strictly follow fixed templates for each competition step. - Clearly separated internal IDs from all user-facing messages; activities must be referenced by name only. - Updated intent-routing and output constraints to avoid error-prone freeform or ambiguous responses. - Documented new and existing command behaviors, flag requirements, and backend limitations.
More by @ok-james-01
Published by @ok-james-01 on ClawHub
