Sentinel

Security checks across malware telemetry and agentic risk

Overview

This Solana security skill is not clearly malicious, but it asks agents to rely on an undeclared local Sentinel command for financial transaction safety decisions.

Review before installing. Use this only if you already know and trust the exact `sentinel` CLI that will run locally, and keep invocation limited to Solana transaction or wallet-security contexts. Do not rely on it to approve transactions until the executable source, version, and policy file are verified.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger list includes broad phrases such as "scan," "security check," "risk assessment," and especially "is this safe," which are likely to match ordinary conversation rather than explicit invocation intent. This can cause the security skill to activate unexpectedly, potentially intercepting unrelated prompts or creating routing ambiguity where normal user messages are treated as security-review requests.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal