Back to skill

Security audit

Cifer SDK

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only SDK skill whose wallet, blockchain, and remote encryption behaviors are disclosed and fit its stated purpose, though users should handle keys and files carefully.

Before installing or using this skill, verify the npm package and GitHub source, pin the SDK version, use test or least-privileged wallets first, keep PRIVATE_KEY values in a secrets manager or equivalent protected runtime, review every signature and transaction intent, and avoid sending regulated or highly sensitive files to the Blackbox service until its data-handling and retention policies are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill includes a server-side example that instantiates a wallet from `process.env.PRIVATE_KEY` but does not warn that this key is highly sensitive, must never be logged, committed, or exposed to untrusted runtimes. In an AI-agent skill context, examples are often copied directly into automation environments, so omission of key-handling guidance can lead to credential theft and unauthorized blockchain transactions.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The file encryption workflow sends file contents and job metadata to the remote `blackbox.cifer.network` service, but the skill does not clearly warn users that file data leaves the local environment. In an agent skill, this is especially risky because an autonomous system may upload sensitive files under the assumption that encryption is purely local, causing unintended disclosure of confidential data to a third-party service.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.