TronScan Account Profiler

Security checks across malware telemetry and agentic risk

Overview

This is a read-only TronScan wallet lookup skill, with a privacy caveat because it can aggregate public address activity and relationships.

Install this if you want read-only TRON wallet profiling through TronScan. Be mindful that queried addresses may be sent to TronScan and that profiling third-party addresses can reveal public but sensitive patterns such as holdings, counterparties, approvals, and risk labels; use it only for legitimate, lawful purposes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill enables profiling of arbitrary TRON addresses, including holdings, DeFi participation, counterparties, approvals, and risk tags, but does not present a clear user-facing privacy warning or usage boundary before encouraging that analysis. While blockchain data is public, aggregating and surfacing relationship and risk data lowers the effort needed for surveillance, doxxing, or targeting, which makes the omission a real privacy and safety issue.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal