MoltRock

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about being a crypto hedge-fund tool, but it asks agents to make contribution-style financial API calls before contract and endpoint trust details are adequately scoped.

Review carefully before installing or using with funds. Do not allow an agent to contribute USDC, approve wallet spending, or promote or trade the pump.fun token unless you have independently verified the deployed vault contract, backend API, project provenance, fees, and exact transaction details.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The contribute command transmits a user-supplied agent or wallet address to a remote API endpoint without any explicit notice, consent prompt, or clear disclosure at the moment of transmission. In an agent skill context, this can leak identifying wallet metadata to a service the user may not realize is being contacted, especially because the endpoint is configurable via an environment variable and may not be the expected destination.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal