First Dollar

Security checks across malware telemetry and agentic risk

Overview

This wallet-teaching skill is mostly transparent, but some guidance can expose private keys or wallet files if followed carelessly.

Use only with a dedicated low-balance wallet. Do not paste private keys, seed phrases, keyfile contents, raw environment output, or wallet files into chat; prefer wallet status commands that show only addresses and balances, and avoid putting private keys directly on command lines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The skill tells users to inspect local wallet files, config files, and environment variables while framing itself as only explanatory. In a wallet-focused skill, those instructions are sensitive because they normalize handling secret-bearing locations and can lead users to expose private keys, keyfiles, or wallet metadata into the chat or logs.

Missing User Warnings

Medium
Confidence: 97%
Finding
The instructions explicitly advise users to search their environment for private-key variables without warning them not to print, paste, or disclose the values. In an agent skill context, this is especially dangerous because users may follow the command and then share the output with the agent, directly leaking spend authority for their wallet.

VirusTotal

67/67 vendors flagged this skill as clean.
