Security audit

Wallet Twin Court

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Solana wallet-analysis skill that sends a wallet address to a disclosed external API and only allows trading steps after user-directed approval.

Install only if you are comfortable sending queried Solana wallet addresses to the disclosed Court API. Treat any execution preview as informational until you explicitly approve a trade in a wallet-connected client, and avoid submitting wallets whose activity you do not want correlated by a third-party service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to POST a user’s Solana wallet address to a third-party public endpoint without requiring explicit user consent or a privacy notice. Wallet addresses are public on-chain, but transmitting them to an external service enables off-chain profiling, logging, correlation with user identity/session metadata, and unexpected retention by the service operator.

VirusTotal

66/66 vendors flagged this skill as clean.
