Security audit

Ucp Ap2 Mandates

Security checks across malware telemetry and agentic risk

Overview

This skill openly provides an agent with wallet credentials and commands that can move USDC, but it leaves spending limits and recipient/network restrictions to external controls.

Install only for agents that are intentionally allowed to spend from a dedicated, limited wallet. Before use, set Coinbase/CDP policy limits or other hard controls, fund only the amount you are willing to lose, restrict which agents receive the credentials, monitor transaction history, and rotate the Wallet Secret if exposure is suspected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill explicitly targets fully autonomous agent commerce and pre-authorized spending, but it does not include any prominent warning about financial risk, spending limits, revocation, or the consequences of unattended payment execution. In a payments context, omission of user-risk messaging can contribute to unsafe integrations where developers deploy autonomous spending flows without adequate guardrails or informed consent mechanisms.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.