SHLL Safe Execution

Security checks across malware telemetry and agentic risk

Overview

This skill is openly designed for AI-assisted DeFi trading, but it gives an agent transaction-signing ability and tells it to activate the hot-wallet key automatically, so it needs careful review before use.

Install only if you are comfortable delegating BSC transaction authority to an AI-controlled dedicated hot wallet. Use a new operator wallet with minimal gas only, never use an owner wallet or wallet holding the Agent NFT, verify the npm package and on-chain policy settings independently, and require clear approval for every trade, transfer, lending action, or raw calldata execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Autonomous Decision Making

Medium
Category: Excessive Agency
Content:
- Immediately explain that this is the operator hot wallet for AI only.
- Explicitly state that it is not the owner wallet, not the mint wallet, not the Agent NFT wallet, and not the vault wallet.
- Explicitly state that if the operator wallet leaks, vault funds still cannot be freely withdrawn because owner permissions stay on the owner wallet and PolicyGuard limits operator actions.
- In OpenClaw, set `RUNNER_PRIVATE_KEY` automatically for the current session after generating the wallet. Do not ask the user to set the environment variable manually.

2. Verify gas:
- Ensure the operator wallet has a small BNB balance for gas.
Confidence: 82%
Finding: Do not ask the user

Autonomous Decision Making

Medium
Category: Excessive Agency
Content:
2. Always call it the operator wallet or AI hot wallet.
3. Always explain the dual-wallet model the first time setup is discussed.
4. Always warn that the operator wallet must not be used to mint, rent, or hold the Agent NFT.
5. Do not ask the user to manually set `RUNNER_PRIVATE_KEY` in OpenClaw; AI should do it.
6. After setup is complete and the user provides a token-id, run readiness checks automatically before asking the user what to do next.
7. When multiple listings are available, recommend one by default and explain why.
8. Prefer the structured `status.readiness` fields over ad-hoc prose when deciding the next user-facing instruction.
Confidence: 80%
Finding: Do not ask the user

VirusTotal

63/63 vendors flagged this skill as clean.
