Multi-Sig Treasury
Security checks across malware telemetry and agentic risk
Overview
This is a plain Markdown guidance skill for DAO multisig treasury operations; it is high-stakes but disclosed, coherent, and does not include executable or hidden behavior.
Use this skill as a checklist and drafting aid, not as authority to move funds. Before any treasury action, manually verify Safe addresses, recipient addresses, amounts, chains, signer identities, and threshold changes in official Safe tooling, and never share seed phrases or private keys.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
54/54 vendors flagged this skill as clean.