TokenDraft

Security checks across malware telemetry and agentic risk

Overview

TokenDraft is purpose-aligned and not clearly malicious, but it can automate repeated paid Solana tournament buy-ins without clear spending limits or per-transaction approval.

Install only if you trust TokenDraft and are comfortable giving an agent a Solana private key. Use a dedicated low-balance wallet, avoid enabling paid auto-join unless you have external spend limits, and disable or remove cron jobs when not actively needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The auto-join cron explicitly instructs the agent to join all open tournaments, including paid tournaments when `buyInAmountSol > 0`, without requiring a fresh per-transaction user confirmation or an explicit spend limit. Because the skill also has access to a Solana private key and signs buy-in transactions locally, this creates a real risk of unattended financial transactions and repeated loss of funds if triggered by server-side tournament listings or misconfiguration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal