CoinFello

Security checks across malware telemetry and agentic risk

Overview

CoinFello is a high-risk crypto skill, but its sensitive wallet, signing, session, and delegation behavior is clearly disclosed and fits its stated purpose.

Install only if you trust CoinFello and are comfortable giving an agent crypto-signing capability. Avoid --use-unsafe-private-key except for testing, consider pinning @coinfello/agent-cli instead of using @latest, verify COINFELLO_BASE_URL before delegation flows, review every pending delegation before running approve_delegation_request, and stop the signer daemon when not needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Session Persistence

Medium
Category
Rogue Agent
Content
# 1. Start the signing daemon (optional, but avoids repeated Touch ID prompts)
npx @coinfello/agent-cli@latest signer-daemon start

# 2. Create a smart account (uses Secure Enclave by default)
npx @coinfello/agent-cli@latest create_account

# 3. Sign in to CoinFello with your smart account (SIWE)
npx @coinfello/agent-cli@latest sign_in
Confidence
76% confidence
Finding
# 2. Create a smart account (uses Secure Enclave by default)
npx @coinfello/agent-cli@latest create_account

# 3. Sign in to CoinFello with your smart account (SIWE)
npx @coinfello/agent-cli@latest sign_in

VirusTotal

65/65 vendors flagged this skill as clean.
