Security audit

Crowded Trade Detector

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate paid crypto-signal integration, but it asks agents to use an EVM private key for automatic paid requests without clear per-call user confirmation.

Review before installing. Use a dedicated low-balance wallet on Base mainnet, confirm the price before each call, avoid storing a primary wallet private key in the agent environment, and monitor repeated calls because the skill can authorize real USDC charges when invoked.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs the agent to make an x402-authenticated request using an EVM private key and notes that payment authorization is handled automatically, but it does not present a clear warning that invoking the skill can spend wallet funds. This creates a real risk of unintended on-chain charges or repeated paid calls by users or agents who do not fully understand the billing behavior.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal