Back to skill

Security audit

Onchain CLI

Security checks across malware telemetry and agentic risk

Overview

This crypto CLI skill matches its stated purpose, but it needs Review because it handles exchange API credentials and financial account data without enough scope, privacy, or storage guidance.

Review before installing if you plan to connect real wallets or exchange accounts. Use newly created read-only Coinbase/Binance keys with trading and withdrawals disabled, protect the config files, avoid committing .onchainrc.json5, and assume wallet/account lookups and JSON output may expose financial identifiers to third-party APIs and agent logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The README documents use of highly sensitive financial data sources, including exchange account balances, trade history, wallet histories, and API-key based configuration, but provides no security guidance on credential storage, least-privilege API key setup, local config file protection, or risks of exposing wallet/account data in logs and agent output. In an AI-agent context, this omission is more dangerous because users may run commands automatically, pass secrets through environment variables, or serialize sensitive results with `--json`, increasing the chance of inadvertent credential or financial data exposure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs use of commands that query wallet balances, transaction history, portfolios, and centralized exchange account data through third-party providers, but it does not warn that user addresses, account-linked metadata, and API-backed financial data may be disclosed to external services. In an agent context, this omission can cause users or downstream systems to send sensitive financial identifiers to external APIs without informed consent, increasing privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.