Back to plugin

Security audit

Intent Transfer Completion via LI.FI

Security checks across malware telemetry and agentic risk

Overview

The skill matches its LI.FI transfer purpose, but it can sign real crypto routes/transfers from a local private key without a visible confirmation step, and the supplied artifacts include secret-looking wallet/API key files.

Review carefully before installing. Do not fund or use the bundled wallet.txt key, remove/rotate exposed secrets, and only use this with a fresh low-balance wallet or secure wallet provider. Confirm the exact recipient, chain, token, amount, LI.FI route, approvals, and gas/slippage yourself before allowing any transaction to be signed.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.