Near Airdrop Hunter

Security checks across malware telemetry and agentic risk

Overview

This skill does not appear to steal data or run hidden transactions, but it overstates crypto claim/check capabilities and can mark an airdrop as claimed when no claim happened.

Treat this as a link-and-notes helper, not an automated airdrop checker or claimer. Do not rely on its local claimed list as proof that rewards were secured, verify every claim URL independently, and be cautious before connecting a wallet or signing any transaction on third-party sites.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Description-Behavior Mismatch

Severity: Medium | Confidence: 95%

Finding: The skill advertises eligibility checking, but the implementation only prints a URL and tells the user to do the check manually. This is a security-relevant integrity issue because users or higher-level agents may trust the automation claim and make decisions based on a check that never actually occurred.

Description-Behavior Mismatch

Severity: High | Confidence: 98%

Finding: The skill advertises reward claiming, but it performs no on-chain or API claim and instead writes a local 'claimed' record. This can mislead users into believing assets were secured when nothing was claimed, potentially causing missed deadlines, duplicate workflows, or false audit/tracking data around financial rewards.

Intent-Code Divergence

Severity: Medium | Confidence: 96%

Finding: The command naming and help text state 'Claim airdrop' even though the code only instructs manual action and updates local tracking. In a financial/crypto context, this mismatch is dangerous because it creates false assurance about asset recovery and system state.

Missing User Warnings

Severity: Medium | Confidence: 95%

Finding: The README instructs users to run a claim command for airdrops but does not warn that claiming may prompt wallet signing, spend gas, or trigger irreversible on-chain actions. In a crypto context, omission of transaction-risk warnings can lead users to approve unintended transfers or interact with malicious claim flows, increasing the chance of financial loss.

Missing User Warnings

Severity: Medium | Confidence: 94%

Finding: The skill states that tracking data is stored in ~/.near-airdrop/tracking.json but does not clearly warn users that claiming and tracking can persist account activity data locally. This is a privacy and transparency issue because wallet/account identifiers and claim history may remain on disk unexpectedly, creating exposure on shared systems or through backups and logs.

Missing User Warnings

Severity: Medium | Confidence: 85%

Finding: The script stores account identifiers and timestamps in a persistent file under the user's home directory without explicit disclosure or access-control hardening. While not a direct exploit by itself, it creates a privacy and operational metadata leak on shared systems or in environments where home-directory files are collected or synced.

VirusTotal

66/66 vendors flagged this skill as clean.