Back to skill

Security audit

Onchain Test

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed crypto portfolio and exchange-history tool, but users should handle its financial data and API keys carefully.

Install only if you are comfortable letting the skill query wallet and exchange data through third-party services. Use read-only exchange API keys, disable trading and withdrawals, keep secrets out of chat prompts and logs, and review any output before sharing it because balances and trade history are sensitive financial information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README promotes commands that access wallet balances, transaction history, and centralized exchange account data, and instructs users to configure long-lived API credentials, but it does not warn that these inputs and secrets may be transmitted to third-party providers such as DeBank, Helius, Coinbase, Binance, CoinGecko, or CoinMarketCap. In an AI-agent context, this omission is more dangerous because users may invoke the tool through automation and expose sensitive financial data or account-linked metadata without understanding the privacy and trust implications.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly advertises access to wallet balances, exchange holdings, and trade history, which are sensitive financial data, but it provides no privacy warning or guidance about when an agent should avoid accessing or exposing such information. In an agent setting, this increases the risk of unnecessary collection, display, or logging of highly sensitive account-linked data in response to broad user prompts.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The configuration section directs users to supply Coinbase and Binance API credentials and other account-linked keys, but it lacks any warning about secure storage, least-privilege permissions, or the danger of exposing exchange secrets. If an agent or user mishandles these credentials, attackers could gain access to sensitive account data and, depending on API permissions, potentially perform harmful actions on linked exchange accounts.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.