sentry-ai

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a simple public market-data scanner, but it presents incomplete checks as anti-rug auditing and trading-safety guidance.

Review before installing. Treat this as a demo-level public token scanner, not a real anti-rug auditor. Do not rely on its SAFE labels, risk score, or audit recommendation for trading decisions, and be especially cautious of any later version that asks for wallet access, API keys, or permission to execute transactions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Intent-Code Divergence

Medium

Confidence: 97% confidence
Finding: The module presents itself as a token auditor and returns risk recommendations such as 'LOW RISK - Generally safe to trade', but the implemented logic only validates address length and leaves meaningful security checks as placeholders. In an anti-rug scanning skill, this can mislead users into trusting a token based on a non-existent audit, creating a false sense of safety that attackers could exploit to promote malicious tokens.

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The skill is marketed as an 'Auditor (Anti-Rug)' but the implementation only performs simple API-based listing and a basic liquidity/volume heuristic. This can mislead users into trusting tokens as 'SAFE' without any contract analysis, ownership checks, mint authority review, liquidity lock verification, or rug-pull detection, creating a false sense of security in a high-risk financial context.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The README promotes a 'One-Click Execute' capability with stop-profit/stop-loss automation and gas optimization, but it does not clearly warn that this may trigger real on-chain transactions affecting user funds. In a trading and token-scanning skill aimed at speculative meme-token activity, omission of explicit transaction-risk disclosures can mislead users into enabling automation they do not fully understand.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal