Back to skill

Security audit

Substrate

Security checks across malware telemetry and agentic risk

Overview

The skill does not appear to access data or perform harmful actions, but it is labeled as a Substrate blockchain reference while its actual content is mostly generic finance and compliance text.

Review before installing. This looks non-destructive, but it should not be relied on for Substrate development, blockchain architecture, runtime, pallet, consensus, storage, extrinsic, or compliance decisions unless independently verified.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill presents itself as a Substrate blockchain reference tool, but its commands are generic finance/regulatory topics such as formulas, regulations, instruments, and strategies. This mismatch can mislead users and downstream agents into invoking a tool under false assumptions, increasing the risk of inappropriate advice, domain confusion, or unsafe task routing in blockchain and finance contexts.

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is presented as a Substrate blockchain reference tool, but the exposed commands and content are largely generic finance, compliance, and risk material rather than Substrate-specific guidance. This mismatch can mislead users or downstream agents into trusting inaccurate domain output, creating a supply-chain style integrity problem where decisions are made on false assumptions about the tool’s scope and expertise.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The inline documentation advertises a Substrate blockchain tool, but the script body delivers unrelated generic reference text. In an agent setting, misleading documentation increases the chance that the skill is invoked in security- or compliance-relevant blockchain workflows where users assume authoritative Substrate guidance and receive incorrect information instead.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.