Back to skill

Security audit

Crypto Market

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent crypto price-monitoring CLI, with a few documentation safety notes but no evidence of hidden trading, credential use, exfiltration, or destructive behavior.

Before installing, know that price queries contact the selected exchange through CCXT and alert rules are stored locally in ~/.config/crypto/alerts.json. Specify --exchange if the default exchange matters, because the documentation and script disagree. Do not put real exchange API keys into copied examples; this skill does not need private keys for normal market monitoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
81% confidence
Finding
The skill documentation explicitly instructs users to install dependencies and states that alert data is stored in `~/.config/crypto/alerts.json`, which implies file read/write behavior. Because no permissions are declared, users and policy systems are not given transparent notice that the skill persists data locally, creating an avoidable trust and safety gap.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation includes a concrete API key and secret usage pattern without any adjacent warning about protecting credentials, avoiding hardcoded secrets, or using environment variables/secret managers. In a skill focused on crypto exchanges, this is especially risky because users may copy the example directly and embed live exchange credentials into code, notebooks, or repos, leading to account compromise or unauthorized trading if those secrets are exposed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.