Back to skill

Security audit

verity-guard

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed paid remote verification skill, with clear cautions around wallet use and no hidden persistence or destructive behavior in the artifact.

Install only if you are comfortable using VerityLayer as a third-party verification service. Use a dedicated low-balance Base wallet for VERITY_WALLET_KEY, do not reuse a main wallet, and avoid sending secrets, private documents, or regulated data unless you have reviewed and accepted the service’s handling of that content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill declares that it requires the environment variable `VERITY_WALLET_KEY`, but the skill metadata does not appear to declare permissions in a way the analyzer recognizes. Because this key is a spend-capable private wallet key, exposing env access without an explicit permission model creates a real secret-handling risk and weakens reviewability of what sensitive data the skill can access.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The catalog instructs users to directly POST content to external domains, including arbitrary `content`, `payload`, `claim`, and `context`, but it does not warn that this may transmit sensitive user or system data off-platform. In a security-oriented skill, this omission is more concerning because users may reasonably send secrets, prompts, policies, or internal documents for checking, creating a real risk of unintended data exfiltration or privacy/compliance violations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.