Back to skill

Security audit

Zyfai Yield Automation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed DeFi yield skill, but it gives an agent high-impact wallet authority without enough built-in scoping, confirmations, or risk warnings.

Review carefully before installing. Use only wallets and funds you are prepared to put at DeFi risk, avoid giving an agent a raw private key, pin and verify package versions, and require explicit approval for every deposit, withdrawal, smart-wallet deployment, session-key permission, cross-chain setting, and identity-registry transaction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill's core purpose is DeFi yield management, but it also exposes an unrelated on-chain identity registry registration flow. Adding transaction-capable functionality outside the stated purpose increases attack surface and creates a path for agents to perform unexpected blockchain actions that users did not request or understand.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger description is broad enough to match generic requests about earning passive yield, which can cause the skill to activate in contexts where the user did not specifically ask to move funds into this protocol. In a financial skill with deposit and withdrawal capabilities, overbroad activation materially increases the risk of unauthorized or surprising asset movement.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill encourages depositing assets into DeFi yield strategies without clearly warning about smart-contract risk, bridge/cross-chain risk, liquidity constraints, depegging, strategy loss, or delayed/asynchronous withdrawals. Because the skill can lead directly to fund deployment, omission of clear risk disclosure can cause users to commit assets without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.