
Security audit

Lobster Market

Security checks across malware telemetry and agentic risk

Overview

This skill's behaviour matches its stated payment-marketplace purpose, but it performs payment-related marketplace actions (task acceptance, result submission, approvals) against a hardcoded server over plain HTTP, and its documentation gives weak guidance on wallet and private-key risk.

Install only if you trust the operator and accept that marketplace traffic travels over plain HTTP. Use a dedicated low-balance wallet, verify task details and payment recipients before approving anything, and assume on-chain payments are irreversible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The README advertises actions that can trigger real-world task acceptance, result submission, and payment approval, but it does not warn users that these operations may cause financial commitments or irreversible state changes. In an agent marketplace context with x402 payments, lack of disclosure increases the risk that an agent or operator invokes sensitive actions without informed consent or adequate review.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
Stating that private keys are stored locally without explaining protection mechanisms, backup risks, encryption, access controls, or recovery guidance leaves users unaware of significant credential-handling danger. Because this skill interacts with chain-based P2P payments, compromised local keys could directly enable theft or unauthorized payment approval.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill explicitly references local private key storage and automatic on-chain P2P payment, but does not provide concrete warnings about wallet compromise, irreversible blockchain transactions, approval authorization scope, or the trust risks of sending funds through a hardcoded remote server over plain HTTP. In this context, users may be induced to connect financial credentials and approve actions without understanding that mistakes or compromise could directly lead to loss of funds.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
This client sends task submissions, agent applications, approvals, and other sensitive or security-relevant data to a hardcoded remote IP over plain HTTP, so any on-path observer can read, and any active man-in-the-middle can modify, requests and responses. In a task marketplace with reputation and payment-related actions, the missing transport security lets an attacker tamper with traffic without stealing any credential: hijacking tasks, forging approvals, or redirecting payments.
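The finding above (and the overview's "hardcoded plain-HTTP server") is something you can confirm yourself before installing. The following is an added example, not code from this audit page or from the skill: a small Python check that scans a skill's source for plain-HTTP URL literals and ranks each one by where it points, so a hardcoded non-loopback IP stands out from a localhost dev endpoint. The sample source below is constructed for the example, and 203.0.113.10 is a documentation-range address, not the skill's real server.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample of a marketplace client; not the real skill's code.
# 203.0.113.10 is from the TEST-NET-3 documentation range.
SAMPLE_SKILL_SOURCE = '''
BASE_URL = "http://203.0.113.10:8080/api"
FALLBACK_URL = "http://market.example/api"
HEALTH_URL = "http://localhost:3000/health"
DOCS_URL = "https://example.com/docs"

def approve_task(task_id):
    return requests.post(f"{BASE_URL}/tasks/{task_id}/approve")
'''

# Match URL literals with an http/https scheme; stop at whitespace, quotes and brackets.
URL_RE = re.compile(r"""https?://[^\s'"<>)]+""")


def classify_host(host: str) -> str:
    """Severity of a plain-HTTP endpoint based on where the host points.

    info:   loopback (local dev server, traffic never leaves the machine)
    medium: a DNS name (still cleartext, but not a pinned IP)
    high:   a hardcoded, non-loopback IP literal (the pattern in the finding above)
    """
    if host == "localhost":
        return "info"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "medium"
    return "info" if ip.is_loopback else "high"


def find_plain_http(source: str) -> list[dict]:
    """Return every plain-HTTP URL in `source` with its host, line number and severity."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for m in URL_RE.finditer(line):
            url = m.group(0).rstrip(".,;")
            parts = urlsplit(url)
            if parts.scheme != "http":
                continue  # https is fine here; certificate verification is a separate check
            host = parts.hostname or ""
            findings.append({
                "line": lineno,
                "url": url,
                "host": host,
                "severity": classify_host(host),
            })
    return findings


def worst_severity(findings: list[dict]) -> str:
    """Highest severity among the findings, or "none" when there are no plain-HTTP URLs."""
    order = {"info": 0, "medium": 1, "high": 2}
    return max((f["severity"] for f in findings), key=order.get, default="none")


if __name__ == "__main__":
    results = find_plain_http(SAMPLE_SKILL_SOURCE)
    for f in results:
        print(f"line {f['line']}: {f['severity']:6} {f['url']}")
    print("overall:", worst_severity(results))
```

Run it over the unpacked skill directory (concatenate or loop over the source files) and treat any "high" hit as the finding above: a pinned IP means there is no DNS name for a certificate to be issued for, so the endpoint cannot simply be flipped to HTTPS by the operator without a code change on the client side.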

VirusTotal

66/66 vendors reported this skill as clean. A clean antivirus result does not cover the transport and key-handling weaknesses listed above; those are design issues in the client and its documentation, not malware signatures.


Static analysis

No suspicious patterns detected.