Back to skill

Security audit

Agent Layer

Security checks across malware telemetry and agentic risk

Overview

This skill is clearly about installing an agent crypto wallet, but it uses unattended remote installer commands for high-impact financial tooling.

Install only if you trust the AgentLayer package and understand that it may add persistent wallet and finance capabilities to your agent host. Verify the package source/version first, avoid holding meaningful funds until you understand key storage and permissions, and look for uninstall and recovery documentation before using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to run `npx` installer commands with `--yes`, which downloads and executes remote package code without an interactive confirmation step or any warning to the user about system modifications. In this context, the package installs a local crypto wallet runtime and host-specific integrations, so compromise of the package, typo-squatting, or misuse by an autonomous agent could lead to arbitrary code execution, persistence, wallet exposure, or unsafe financial capabilities being added to the host.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.