Agentic Commerce Relay

Security checks across malware telemetry and agentic risk

Overview

This skill describes a real USDC bridge workflow, but it asks users to run missing/unreviewed relay code with a raw wallet private key that can move funds.

Review carefully before installing or using. Only run this with relay source code you have inspected and pinned, a dedicated low-balance wallet, verified Circle CCTP contract addresses and domain IDs, and explicit approval for source chain, destination chain, amount, recipient, and fees before any transaction is signed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill documentation instructs users to supply a raw PRIVATE_KEY and execute a script that signs real blockchain transactions, but it does not include any warning about secret handling, wallet isolation, transaction irreversibility, or potential loss of funds. In an agentic commerce context, this omission is more dangerous because operators may automate execution and expose signing credentials in shell history, logs, CI environments, or shared agent runtimes.

VirusTotal

66/66 vendors flagged this skill as clean.
