KaspaCom DEX MCP

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate-looking DEX helper, but it includes commands that can move crypto funds without clear confirmation safeguards.

Review before installing. Use read-only pair and price commands freely, but do not allow unattended swaps or liquidity changes. Require the exact token pair, amount, network, wallet, quote, fees, slippage, and expected transaction effect to be shown and explicitly confirmed before any transaction command runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill explicitly includes transaction-capable commands for swaps and liquidity management but provides no warning that these actions can execute real on-chain trades and change user funds. In an agent context, this increases the risk of accidental or insufficiently confirmed financial transactions, especially because the same document mixes read-only and state-changing examples without clear safety boundaries.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal