Monero Transaction Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Monero analysis guide, but users should treat its privacy and forensic-analysis claims carefully.

Install only if you want an educational Monero transaction-analysis guide. Do not assume the named explorer or any referenced CLI protects your privacy; verify tools independently, use Tor or a trusted/self-hosted explorer for sensitive lookups, and only analyze transactions you are authorized to investigate.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 90% confidence
Finding: The document gives a specific privacy assurance ('No IP logging') for a third-party explorer without evidence, caveats, or a verifiable source. In a privacy-focused cryptocurrency context, users may rely on this claim when handling sensitive transaction lookups, creating a risk of deanonymization or misplaced trust if the service logs or shares metadata.

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill instructs users on address clustering, spend-pattern analysis, and fund tracking without warning about privacy, legal, or ethical constraints. In the Monero context, this can normalize surveillance-oriented use and encourage analysis of third-party financial activity in ways that may violate laws, platform rules, or reasonable privacy expectations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal