Cavos Cli

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about using a Starknet wallet, but it gives an agent broad transaction and approval powers without enough safety guardrails.

Install only if you trust the Cavos CLI package and intentionally want an agent to help with wallet operations. Before any transfer, approval, execute, or multicall, manually confirm the active wallet, network, recipient or spender, token, amount, contract address, calldata, and expected result; prefer simulation first, avoid unlimited approvals, and revoke or expire sessions when finished.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documents token transfers, approvals, contract execution, and multicall operations without prominently warning that these actions can irreversibly move assets, grant spending rights, or invoke arbitrary contract logic on-chain. In an agent setting, this increases the chance that a user or downstream automation treats these commands as routine operations and triggers financially significant transactions without explicit confirmation safeguards.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal