Gasless Agent Wallet(SOL/EVM)

Security checks across malware telemetry and agentic risk

Overview

This wallet skill is coherent, but it gives agents real crypto-spending authority and under-warns about private-key exposure from its CLI workflow.

Install only after independently verifying the npm package and publisher, pinning the package version, and deciding how keys will be generated and stored. Prefer managed wallets with human passkey approval, configure per-token limits before funding, avoid unmanaged mode for real assets, and never run keygen or --json output in shared terminals, CI, chat, or logged automation.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The documentation claims the wallet is non-custodial and that private keys never leave the machine, but it also instructs users to generate keys via a CLI that prints private keys to stdout and JSON. Even if the key remains local, terminal history, shell logging, CI capture, screen recording, telemetry, or copied JSON can expose secret material, making the claim materially misleading in a security-sensitive wallet context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal