Agent Outlier

Security checks across malware telemetry and agentic risk

Overview

This skill is for a real-money on-chain game and is mostly disclosed, but it needs Review because it asks for a private key and includes broad triggers plus an unlimited automated spending loop.

Install only if you intentionally want an agent to operate an Agent Outlier wallet on Base mainnet. Use a dedicated low-balance wallet, never a primary wallet private key, review the SDK before funding it, and avoid continuous-play examples unless you set explicit round, time, and spend limits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (92% confidence)
Finding
The trigger description is broad enough to activate on common words like 'arena', 'finalize', or 'tier', which can cause the skill to engage in situations the user did not intend. In this skill, accidental activation is more dangerous than usual because the skill is designed to use a private key and initiate paid on-chain actions on Base mainnet.

Missing User Warnings

Medium (97% confidence)
Finding
The continuous-play example shows an infinite loop that repeatedly calls a paid transaction workflow without a prominent warning, spending ETH on entry fees and gas every round until manually stopped. Because this skill targets live mainnet gameplay and requires a private key, users or downstream agents could copy this pattern and unintentionally drain funds through repeated commits, reveals, finalizations, and claims.

VirusTotal

65/65 vendors flagged this skill as clean.
