NEAR Protocol CLI installation and setup guide.

Security checks across malware telemetry and agentic risk

Overview

This documentation-only skill is not clearly malicious, but it asks agents to help with high-impact NEAR blockchain actions and credential workflows without enough safety boundaries.

Install only if you want an agent helping with NEAR CLI work. Before allowing any command that sends, stakes, deploys, signs, imports, or exports accounts, confirm the exact account, network, recipient, amount, fees, and command text. Avoid sharing seed phrases or private keys in chat or logs, prefer testnet or low-value accounts first, and use verified installer downloads instead of piping remote scripts directly into a shell.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Rogue AgentSelf-Modification, Session Persistence
Findings (16)

Intent-Code Divergence

Medium
Confidence
84% confidence
Finding
The skill is presented as an installation/setup guide, but its description explicitly expands scope to using NEAR CLI for arbitrary blockchain actions. That broader operational capability increases the chance an agent will perform sensitive wallet, account, or transaction actions beyond simple setup, which is risky in an installation-focused skill.

Context-Inappropriate Capability

Medium
Confidence
87% confidence
Finding
The guide includes account import and account creation flows, which involve sensitive credentials and potentially state-changing blockchain operations. In a generic setup skill, this can prompt agents or users into handling seed phrases, keys, and funded account actions without strong consent boundaries or security warnings.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README documents credential import/export, token transfers, staking, contract deployment, and signed transaction submission without clear safety warnings about irreversible fund movement, secret handling, or the risk of acting on the wrong network/account. In an agent context, this increases the chance that an automated system executes high-impact blockchain actions without explicit human confirmation or operational safeguards.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The documentation tells users to fetch a remote installer and execute it immediately via a shell pipe. This bypasses inspection, checksum/signature verification, and makes compromise of the upstream release channel or network path directly translate into arbitrary code execution.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The account import guidance references seed phrases or keys without any warning about their sensitivity. That omission can normalize unsafe handling of wallet secrets and increase the likelihood they are exposed in logs, chat transcripts, shell history, or to the agent itself.

Session Persistence

Medium
Category
Rogue Agent
Content
# Import existing account
near account import-account

# Create new account
near account create-account

# Export account credentials
Confidence
72% confidence
Finding
Create new account near account create-account # Export account credentials near account export-account ``` ### Token Operations ```bash # View NEAR balance near tokens <account-id> network-config m

External Script Fetching

Low
Category
Supply Chain
Content
**Linux/macOS/WSL (recommended):**
```bash
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```

**npm/npx (any platform with Node.js):**
Confidence
95% confidence
Finding
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

External Script Fetching

Low
Category
Supply Chain
Content
```bash
# Use longer timeout
curl --proto '=https' --tlsv1.2 -LsSf --connect-timeout 30 --max-time 300 \
  https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```
Confidence
95% confidence
Finding
curl --proto '=https' --tlsv1.2 -LsSf --connect-timeout 30 --max-time 300 \ https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

External Script Fetching

Low
Category
Supply Chain
Content
**Best for:** Most Linux and macOS users

```bash
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```

**if not add near to PATH:**
Confidence
97% confidence
Finding
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

External Script Fetching

Low
Category
Supply Chain
Content
**Solution:**
```bash
# Use a longer timeout with curl
curl --proto '=https' --tlsv1.2 -LsSf --connect-timeout 30 --max-time 300 https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```
Confidence
97% confidence
Finding
curl curl --proto '=https' --tlsv1.2 -LsSf --connect-timeout 30 --max-time 300 https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

External Script Fetching

Low
Category
Supply Chain
Content
```bash
# Install (Shell script)
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

# Install (npx)
npx near-cli-rs
```
Confidence
97% confidence
Finding
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
**Linux/macOS/WSL (recommended):**
```bash
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```

**npm/npx (any platform with Node.js):**
Confidence
97% confidence
Finding
| sh

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Use longer timeout
curl --proto '=https' --tlsv1.2 -LsSf --connect-timeout 30 --max-time 300 \
  https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```

## 📚 Resources
Confidence
97% confidence
Finding
| sh

Chaining Abuse

High
Category
Tool Misuse
Content
**Best for:** Most Linux and macOS users

```bash
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```

**if not add near to PATH:**
Confidence
99% confidence
Finding
| sh

Chaining Abuse

High
Category
Tool Misuse
Content
**Solution:**
```bash
# Use a longer timeout with curl
curl --proto '=https' --tlsv1.2 -LsSf --connect-timeout 30 --max-time 300 https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh
```

## Version Information
Confidence
99% confidence
Finding
| sh

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Install (Shell script)
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/near/near-cli-rs/releases/latest/download/near-cli-rs-installer.sh | sh

# Install (npx)
npx near-cli-rs
```
Confidence
99% confidence
Finding
| sh

VirusTotal

66/66 vendors flagged this skill as clean.
