Meme Coin Scanner

Security checks across malware telemetry and agentic risk

Overview

The advertised meme-coin scanner mostly works as described, but the package also includes an unrelated, undocumented security utility that stores command history locally.

Review before installing. Use the documented scripts/meme.sh only if you are comfortable sending token addresses to DexScreener. Avoid using scripts/script.sh unless you intentionally want a separate local security utility, and do not pass secrets, seed phrases, API tokens, or sensitive investigation details to it because arguments can be saved on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 67%
Finding: The skill advertises executable commands that appear to perform token scanning and listing functions, which likely require outbound network access, yet the manifest declares no permissions. Undeclared network capability weakens transparency and reviewability, making it harder for users or hosts to assess data exfiltration, remote dependency, or unexpected external calls before execution.

Description-Behavior Mismatch

Severity: High
Confidence: 98%
Finding: The script's implemented behavior is a generic local security utility and does not perform meme-coin, smart-contract, liquidity-lock, or on-chain scam analysis as described in the skill metadata. This functionality mismatch is dangerous because it can mislead users into trusting irrelevant outputs, while introducing unrelated local capabilities that expand attack surface and obscure the skill's real behavior.

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding: The password generator is unrelated to meme-coin evaluation and creates an unjustified capability within the skill. In this context, unnecessary credential-oriented functionality is suspicious because it can normalize handling secrets in a tool that should only inspect tokens, and it may encourage users to generate or expose sensitive material through an unrelated workflow.

Context-Inappropriate Capability

Severity: Medium
Confidence: 92%
Finding: Generic encryption and hashing helpers are outside the stated scope of meme-coin scam and on-chain audit analysis. Their presence increases the mismatch between declared and actual behavior, making the skill harder to trust and potentially enabling misuse of a supposedly token-analysis tool for unrelated data handling tasks.

Intent-Code Divergence

Severity: High
Confidence: 97%
Finding: The inline documentation explicitly describes a security scanning and hardening tool, directly contradicting the manifest's meme-coin scanner purpose. This discrepancy is dangerous because it signals deceptive or poorly governed packaging, which can cause users and reviewers to grant trust based on false expectations while hidden or unrelated functionality is executed.

Missing User Warnings

Severity: Medium
Confidence: 99%
Finding: The logging helper writes raw command arguments to a persistent history file without warning or redaction. If users pass contract addresses under investigation, API tokens, seed phrases, passwords, or other sensitive values as arguments, those secrets may be stored on disk and later exposed to other local users, backups, or incident responders.

VirusTotal

67/67 vendors flagged this skill as clean.