Back to skill

Security audit

1ly Payments

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed payments skill with real financial authority, so it is appropriate for its purpose but should be installed only with tight wallet and spending controls.

Install only if you intend to let an agent handle crypto payments or seller workflows. Use a dedicated low-balance wallet, prefer wallet-provider options over inline private keys, set very small explicit budgets or disable auto-spend, verify the npm package before use, and require manual approval for withdrawals, key revocation, deletions, token launches, and trades.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs operators to provide wallet private keys inline in environment variables and to persist seller API keys locally, but it does not strongly warn against logging, prompt leakage, shell history exposure, or insecure file permissions. In a payments skill, these secrets directly control funds and merchant capabilities, so accidental exposure can lead to wallet theft, unauthorized spending, store takeover, or fraudulent withdrawals.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The seller tool list includes destructive or security-sensitive operations such as deleting links, revoking keys, withdrawals, and profile changes without clearly warning that some actions may be irreversible or service-impacting. In an autonomous agent context, incomplete operator guidance increases the chance of accidental deletion, lockout, broken monetization, or funds being sent to the wrong destination.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.