Early Setup Finder
Security checks across malware telemetry and agentic risk
Overview
The skill text is a simple crypto market-analysis checklist, but its metadata advertises wallet, transaction-signing, and sensitive-credential capabilities that do not fit the instructions.
Read this carefully before installing: the visible skill is just a crypto setup-analysis prompt, but the package metadata claims wallet, signing, and sensitive-credential capabilities. Do not grant wallet access, private keys, seed phrases, exchange credentials, or transaction-signing authority for this skill unless the publisher clearly explains why those permissions are necessary.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.