Security audit

Use Developer Controlled Wallets

Security checks across malware telemetry and agentic risk

Overview

This Circle wallet skill is mostly coherent, but it handles custody credentials and includes an example that may print a sensitive recovery file.

Review before using with real wallets. Do not print or share recovery-file contents, keep Circle API keys and ENTITY_SECRET out of chat and logs, start on testnet, pin the SDK dependency, and require explicit human confirmation before any mainnet transfer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 96%
Finding
The description's trigger list includes generic phrases such as "create wallet" and "check balance," which are broad enough to overlap with common user requests outside this specific Circle developer-controlled-wallets context. The manifest does not provide exclusion conditions or contextual constraints to narrow when the skill should activate.

Missing User Warnings

Medium
Confidence: 91%
Finding
This markdown file includes ready-to-use examples that create outbound blockchain transfer transactions, which can move user funds and may be irreversible once submitted. The section explains how to create the transaction but does not warn the user about verifying destination address, token, amount, fees, or the irreversible nature of the action.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.