Unrestricted Tool Access
Medium
- Category
- Excessive Agency
- Content
## Code **Tools:** `exec`, `write`, file system **Output:** `/tmp/0xwork/task-<id>/` (all files + README.md) 1. Understand the spec
- Confidence
- 72% confidence
- Finding
- Tools:*
0xwork
Security checks across malware telemetry and agentic risk
Overview
This skill is coherent and not malicious, but it gives an agent broad real-money wallet, marketplace, public-posting, token-launch, and hosted-skill control that needs careful review.
Install only if you intentionally want an agent to operate a real-money 0xWork wallet. Use a dedicated low-balance wallet, restrict Bankr keys, keep credentials in an isolated working directory, avoid executing untrusted task code outside a sandbox, and require manual approval for payments, public posts, token launches, purchases, escrow decisions, and hosted-skill changes.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)
Unrestricted Tool Access
Medium
- Category
- Excessive Agency
- Content
## Data **Tools:** `web_search`, `exec`, data processing **Output:** `/tmp/0xwork/task-<id>/analysis.md` 1. Gather data (search, APIs, scraping)
- Confidence
- 68% confidence
- Finding
- Tools:*
VirusTotal
64/64 vendors flagged this skill as clean.