Discover Artblocks Projects

Security checks across malware telemetry and agentic risk

Overview

This Art Blocks browsing skill is mostly read-only, but it points agents toward purchase-transaction and broad query tools without clear safeguards.

Install only if you are comfortable with the external artblocks-mcp server and with agents querying Art Blocks wallet/profile data. Treat any purchase-transaction follow-up as out of scope for a simple discovery skill unless you explicitly ask for it and review the transaction details yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill is presented as a discovery/browsing capability, but the documentation directs the agent to use additional undeclared operations such as GraphQL tools and downstream tools including transaction-related flows. This creates capability drift between the declared interface and the documented behavior, which can cause an orchestrator or reviewer to underestimate what the skill may induce an agent to do.

Context-Inappropriate Capability

High
Confidence: 98%
Finding
Referencing `build_purchase_transaction` inside a skill framed as read-only discovery introduces an unexpected path from information retrieval to transaction preparation. Even if no signing occurs here, normalizing or encouraging transaction-building in a browsing skill increases the chance of unsafe agent behavior, confused-deputy actions, or user surprise about financial operations.

Missing User Warnings

Medium
Confidence: 90%
Finding
The wallet and profile features explicitly state that holdings and eligibility are aggregated across all linked wallets, but the skill provides no user-facing privacy warning or consent guidance. This can expose a broader financial/profile picture than a user expects, especially when querying by username, increasing privacy and profiling risk.

VirusTotal

65/65 vendors flagged this skill as clean.
