Back to skill

Security audit

Zerion Api

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Zerion wallet-data lookup skill, but users should treat wallet queries and the Zerion API key as sensitive.

Install only if you are comfortable sending wallet addresses and query context to Zerion. Use a dedicated Zerion API key, keep it out of source control, logs, and screenshots, rotate it if exposed, and avoid submitting customer-linked or personally sensitive wallet identifiers without authorization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill encourages querying wallet portfolios, transactions, DeFi positions, and NFTs through a remote HTTP MCP server but does not warn users that wallet addresses, transaction histories, and related financial metadata will be sent to a third-party service. This can expose sensitive research targets, customer identifiers, or internal investigation activity to an external provider, which is especially relevant in blockchain analytics where pseudonymous data can still be highly revealing.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup instructions tell users to place a bearer API key directly into MCP configuration without warning about secret handling. This increases the risk of credential leakage through checked-in config files, shared screenshots, logs, or misconfigured environments, which could allow unauthorized use of the Zerion account and exposure of billing, query history, or associated data.

VirusTotal

44/44 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.