
Security audit

Inflynce Campaign

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-built for Inflynce campaign creation, but it handles real wallet private keys and on-chain USDC transfers/approvals in ways users should review carefully before installing.

Install only if you are comfortable with a skill that can create paid public marketing campaigns and broadcast transactions on Base. Prefer the web wallet flow, or use a dedicated low-balance wallet; never pass a private key on the command line, approve no more USDC than the fee at hand, verify the Inflynce addresses before signing, and revoke unused USDC allowances when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding
The skill description says to use this skill for broadly 'boosting any content' and promoting 'any https:// link,' which is overly permissive for a capability that can trigger real financial spend and public promotion. In an agent setting, such broad invocation guidance increases the chance of misuse, including promoting unreviewed, deceptive, or policy-violating links without adequate user confirmation or content screening.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The script explicitly allows passing a wallet private key via the command line (`--private-key`), which exposes the secret through shell history, process listings, CI logs, and agent telemetry. In this context the key authorizes on-chain transactions, so accidental disclosure can lead to wallet compromise and unauthorized token movements beyond this single approval flow.

VirusTotal

0 of 66 vendors flagged this skill; all 66 returned a clean verdict. A clean antivirus verdict speaks to known-malware signatures, not to the key-handling and approval risks noted above.


Static analysis

Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal

Critical: suspicious.dangerous_exec at test/create_campaign.test.js:16
  Shell command execution detected (child_process).

Critical: suspicious.env_credential_access at scripts/create_campaign.js:73
  Environment variable access combined with network send.

Critical: suspicious.exposed_secret_literal at scripts/pay_fee.js:36
  File appears to expose a hardcoded API secret or token.

Critical: suspicious.exposed_secret_literal at scripts/top_up.js:36
  File appears to expose a hardcoded API secret or token.