Back to plugin

Security audit

ArbiLink — Arbitrum Agent Plugin

Security checks across malware telemetry and agentic risk

Overview

ArbiLink mostly matches its Arbitrum purpose, but it exposes cross-chain payment-intent capability and credential use without clear scope or approval controls, and includes mismatched skill documentation.

Before installing, decide whether you really need the ChainRails cross-chain features. If you do, use a limited API key, keep payment-intent creation behind explicit human approval, and verify the package’s skill documentation and config schema are corrected so the agent only receives accurate ArbiLink instructions.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.