Check Wallet

Security checks across malware telemetry and agentic risk

Overview

This skill is meant to check wallet balances, but it grants broader wallet command access than a read-only balance checker needs.

Review before installing. Install only if you are comfortable letting the agent use your local OpenAnt session to view wallet addresses and balances, and consider narrowing the allowed commands to `status`, `wallet addresses`, and `wallet balance`, pinning or reviewing the external CLI version, and requiring explicit confirmation before revealing full wallet identifiers or holdings.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The invocation description is broad enough to match common wallet-related conversation such as 'check my wallet' or 'what's my address' without requiring a clear privacy-aware confirmation boundary. Because this skill is user-invocable and configured to execute immediately, an overly eager trigger could cause unintended disclosure of wallet addresses and balances in the chat or to downstream logs.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill exposes sensitive financial metadata—wallet addresses, chain balances, and token holdings—without a user-facing privacy warning. Even though the commands are read-only, these details can reveal identity-linked financial activity and can be unintentionally surfaced in conversation history, agent memory, or logs.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal