TON.fun Trading

Security checks across malware telemetry and agentic risk

Overview

This is a manual, instruction-only crypto trading guide with financial risk, but no hidden code, credential access, persistence, or autonomous wallet actions.

Only use this skill if you intend to interact with TON.fun or the linked trading sites. Independently verify URLs, token contracts, wallet prompts, fees, and legal/compliance implications before signing anything, and never share seed phrases or private keys.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill gives step-by-step token deployment instructions for a blockchain platform without any warning that deployment and trading actions are irreversible, may incur gas or platform fees, and can expose users to permanent financial loss. In this context, the omission is safety-relevant because users may treat the skill as operational guidance and initiate on-chain actions without understanding the risks.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal