Security audit

Ai Narrative

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed paid market-data integration, but it asks an agent to use an EVM private key for automatic payments without enough spending controls or key-safety guidance.

Review before installing. Use only a dedicated low-balance wallet for EVM_PRIVATE_KEY, avoid reusing any wallet that holds important funds, and monitor or cap calls because each agent request can trigger a paid on-chain-backed x402 authorization.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill requires an EVM private key and states that the x402 client will handle payment authorization automatically, but it does not clearly warn users that supplying that key can trigger paid on-chain requests. This can lead operators to expose a funded signing key to an agent or invoke the skill without understanding the financial consequences, increasing the risk of unintended charges and unsafe key handling.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal