OpenSea

Security checks across malware telemetry and agentic risk

Overview

This OpenSea skill appears to provide disclosed, read-oriented access through the OOMOL CLI, with no artifact-backed evidence of hidden or destructive behavior.

Install this only if you are comfortable connecting OpenSea through OOMOL and allowing the agent to run oo connector commands for OpenSea data. Treat the remote CLI installer and account connection as trust decisions, and confirm carefully if any future connector action is tagged as write or destructive.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Description-Behavior Mismatch

High

Confidence: 96% confidence
Finding: The manifest and description claim this skill is for searching and reading OpenSea data, but the body explicitly discusses actions that may be tagged [write] or [destructive] and provides generic execution instructions for any connector action. That mismatch can mislead an agent or user into treating the skill as read-only while still enabling state-changing operations, which increases the chance of unintended or unauthorized actions on the connected OpenSea account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal