Back to skill

Security audit

Safe Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about managing crypto wallets, but it gives an agent high-impact authority to move funds and submit arbitrary blockchain transactions without enough built-in confirmation guidance.

Review carefully before installing or funding a wallet. Use testnet or very small amounts first, keep the API key out of chat and logs, verify the SafeSkills provider and claim URL controls, and require explicit confirmation for every transfer or smart-contract transaction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill provides direct instructions for transferring ETH and ERC-20 tokens but does not include an explicit warning that these actions move assets irreversibly and should only be performed with clear user confirmation. In an agent setting, this increases the risk of accidental or unauthorized transfers because the documentation normalizes spending actions without emphasizing their finality.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill documents arbitrary transaction execution with custom calldata but does not warn that this can invoke any smart contract behavior, including token approvals, asset transfers, or state changes that materially affect wallet security. Because the API key authorizes server-side signing, an agent using this endpoint could trigger highly sensitive on-chain actions without understanding or communicating the consequences to the user.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.