Canopy

Security checks across malware telemetry and agentic risk

Overview

Canopy is a clearly disclosed wallet-payment skill, but it should only be installed when you intentionally want an agent to spend through a Canopy policy.

Install this only for an agent that should be able to use a Canopy treasury wallet. Use a least-privileged Canopy agent, tight spend caps, recipient or service allowlists, and human approval for meaningful amounts. Verify the MCP URL and dashboard yourself, confirm recipient and amount before every approval, and rotate or remove the credentials when the agent no longer needs access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger list includes very broad, common payment-related phrases such as 'pay' and 'transfer', which can cause the skill to activate in ambiguous contexts where the user is discussing payments rather than intending to initiate one. In a wallet-connected skill, over-triggering increases the chance of unnecessary tool invocation, confusing payment prompts, or accidental progression toward a real funds transfer workflow.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal