Cruzl Sentinel Core

Security checks across malware telemetry and agentic risk

Overview

This Web3 strategy skill is not malicious, but it should be reviewed because it gives wallet and onchain behavior advice with broad activation and weak privacy boundaries.

Review before installing. Use it only for illustrative planning, not evidence-backed financial or onchain strategy. Do not provide seed phrases, private keys, wallet sessions, or signing access, and only submit wallet addresses when you intentionally want this skill to analyze them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger `scan` is extremely generic and can easily collide with ordinary user requests, causing the skill to activate unexpectedly. In an agent environment, broad activation increases the chance of unintended processing, confusing behavior, or invocation in contexts where the user did not intend to use this skill.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly invites users to paste wallet addresses for analysis but provides no privacy notice, data-handling disclosure, or warning about how submitted addresses may be processed or retained. Even though wallet addresses are public onchain identifiers, linking them to a live user session can create privacy and profiling risks, especially in a behavioral-analysis tool.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal