Security audit

Spraay Batch Payments

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed crypto payment helper, but users should verify every transaction because it can move real funds.

Install only if you intend to let an agent assist with crypto payments through Spraay. Before any paid endpoint or transfer, independently verify the configured gateway URL, recipients, chain, token, amounts, and x402 fee, because blockchain transfers may be irreversible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The skill is configured to trigger on broad payment-related phrases such as sending payments, batch transfers, payroll, invoices, balances, and name resolution. Because this skill can initiate irreversible blockchain transfers and incur paid API calls, broad activation increases the chance it is selected in ambiguous contexts and performs high-risk financial actions without sufficiently narrow intent matching.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.