Kaspa Dev

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Kaspa blockchain development skill, but users should treat its wallet, mainnet transaction, and node RPC examples as high-risk sample code rather than production-safe workflows.

Install only if you are comfortable reviewing blockchain sample code before use. Use testnet/devnet first, never paste or log real private keys or mnemonics, do not pass real keys through CLI arguments or agent chats, and manually verify any mainnet broadcast or externally exposed RPC configuration.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (10)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill references scripts, templates, and code paths that imply file-writing and network access, but it does not declare corresponding permissions. In an agent environment, this can bypass user expectations and platform safety controls by enabling outbound connections or filesystem modifications without explicit disclosure.

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The script advertises that it builds and signs transactions, but the signing function is only a placeholder and returns the transaction unsigned. In a blockchain transaction tool, this can mislead users into believing a transaction is signed and ready for submission, causing failed broadcasts, unsafe operational decisions, or accidental handling of private keys under false security assumptions.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The JavaScript example prints the private key directly to the console, which normalizes secret disclosure and creates a high risk of accidental leakage through logs, browser devtools, screenshots, shell history, or telemetry. In a blockchain context, exposure of a private key can immediately lead to irreversible theft of funds.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The transaction example connects to a mainnet endpoint and submits a live transaction without any warning that execution may broadcast irreversible real-value transfers. Users may copy-paste and run the snippet during experimentation, causing unintended fund movement, fee loss, or misuse of production infrastructure.

Missing User Warnings

High

Confidence: 97% confidence
Finding: The complete example prints the generated mnemonic phrase directly to stdout, which is extremely sensitive wallet recovery material. Anyone with access to console logs, terminal history, CI output, screenshots, or shared environments can recover the wallet and irreversibly steal funds; in a blockchain development skill, this is especially dangerous because users may copy example code into real workflows.

Missing User Warnings

High

Confidence: 98% confidence
Finding: The address-generation example prints the raw private key in hex without any warning, which exposes the only credential needed to spend wallet funds. If this example is run in a real environment, the key may be captured by logs or shell history, leading to immediate and irreversible compromise of blockchain assets.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The example includes end-to-end transaction creation, signing, and immediate submission to mainnet without an explicit warning that it performs a real state-changing blockchain action that can irreversibly transfer funds. In a developer skill, users may copy-paste the sample as-is, and the lack of a prominent broadcast/funds warning increases the risk of accidental asset loss, especially because the example targets Mainnet and returns a transaction ID after submission.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The installation examples bind the RPC service to 0.0.0.0, exposing it on all network interfaces, but the warning about external RPC risk appears much later in the document rather than adjacent to the example. Readers may copy-paste this into production and unintentionally expose administrative or sensitive node functions to untrusted networks.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The configuration example places rpcuser and rpcpass directly in a plaintext config file without warning about secret exposure, file permissions, or safer secret handling. This can lead users to store reusable credentials in world-readable files, shell history, backups, or version control.

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: Accepting a private key directly as a command-line argument exposes the secret to shell history, process listings, audit logs, and job runners. In the context of a blockchain wallet/transaction tool, exposure of the private key can immediately lead to theft of funds and irreversible compromise of the associated address.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal