Hyperliquid Perps

Security checks across malware telemetry and agentic risk

Overview

The skill is only a short instruction file, but it asks agents to handle live leveraged crypto trading without clear opt-in, confirmations, or risk limits.

Review carefully before installing. Treat it as capable of influencing real leveraged trades, use paper trading by default, and do not connect live Hyperliquid credentials unless you can enforce explicit live opt-in, per-trade confirmation, strict leverage and position limits, maximum-loss rules, and easy credential revocation.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The invocation text is extremely broad and generic, which increases the chance the agent will trigger this skill in contexts where the user did not explicitly request live or paper derivatives trading. Because this skill can automate leveraged perpetual futures actions, accidental activation could lead to unintended market operations or financial loss.

Missing User Warnings

High
Confidence: 97%
Finding
The skill description advertises live trading, leverage, and automated stop-loss behavior without any warning that it can place real market orders or expose the user to liquidation and rapid losses. In the context of perpetual futures trading, especially with leverage and automation, missing safety warnings materially increases the risk that users invoke it without informed consent to financial and operational consequences.

VirusTotal

64/64 vendors flagged this skill as clean.
