Elytro - Ethereum Wallet

Security checks across malware telemetry and agentic risk

Overview

This skill is a review concern because the packaged file contains no usable wallet instructions and instead tells the agent to obey mutable instructions from a remote GitHub URL.

Only install this after reviewing the exact remote repository content and understanding who controls it. Do not use it with real wallet keys, production accounts, or valuable funds unless the skill vendors its instructions locally or pins them to an immutable, reviewed commit with clear credential and transaction safeguards.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 99% confidence
Finding: The file explicitly instructs the agent to fetch and follow a remote SKILL.md from GitHub, which transfers trust from the reviewed local artifact to mutable external content. This creates a prompt-injection and supply-chain risk because the remote file can change over time, evade local review, and introduce arbitrary instructions or network-triggered behavior without user awareness.

Ssd 1

High

Confidence: 99% confidence
Finding: The instruction to stop processing the local file and obey an external URL is a direct delegation of authority to untrusted remote content. In an agent setting, this can bypass security review of the shipped skill, enable silent behavior changes after deployment, and allow attackers controlling the remote repository or its supply chain to issue harmful instructions.

VirusTotal

No VirusTotal findings

View on VirusTotal