Zksync

Security checks across malware telemetry and agentic risk

Overview

The skill appears to advertise zkSync guidance while providing generic, non-zkSync content, creating a real risk of misleading users.

Install only if you have reviewed and corrected the content. As presented, it should not be used as a zkSync reference source; rename it to match its generic finance content or replace the placeholder output with accurate zkSync-specific material.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The skill metadata and help text present this as a zkSync blockchain reference tool, but the actual content is generic placeholder material about finance, regulation, and risk. This creates a trust and integrity problem: users or downstream agents may rely on the tool for zkSync-specific guidance and receive irrelevant or misleading information, which can cause incorrect decisions in a blockchain context.

Intent-Code Divergence

Medium

Confidence: 94% confidence
Finding: The inline documentation explicitly claims the script is a zkSync reference tool, yet the embedded commands output broad generic text unrelated to zkSync. In an agent skill ecosystem, deceptive or inaccurate self-description is dangerous because orchestration logic or users may select this tool based on false claims, leading to misinformation and unsafe operational choices.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal