Back to skill

Security audit

Swap Tokens

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed crypto token-swap helper, but users should treat it as financial authority because it can execute real trades from an authenticated wallet.

Install only if you want an agent to help execute crypto swaps from an authenticated wallet. Before approving any swap, verify the chain, token symbols or contract addresses, input amount, expected output, and slippage. Avoid vague requests when you only want price, balance, or general token information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The invocation description is extremely broad and includes common conversational phrases such as 'buy', 'sell', 'convert', 'get some ETH', and 'swap tokens', which can cause the skill to trigger in ambiguous contexts. Because this skill performs high-risk financial actions on a wallet, accidental or overly eager invocation could lead to unintended token trades, especially if downstream confirmation is weak or skipped.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.