Security audit

Cross Asset Contagion Institutional

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed x402 payment helper that can spend from a configured wallet, so users should install it only with tight wallet and spend limits.

Install only if you intend the agent to make paid x402 calls. Use a dedicated wallet with minimal funds, configure spend caps or recipient allowlists where available, and review costs before allowing automated paid requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill explicitly instructs the agent to use an EVM private key from the environment and states that payment authorization happens automatically, but it does not include a clear warning that the key is highly sensitive or that invoking the skill can spend funds. In an agent setting, this can cause unintended on-chain payments or encourage unsafe key exposure practices, especially if users do not realize the call is billable and wallet-backed.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal