Crypto Whale Alerts

Security checks across malware telemetry and agentic risk

Overview

This is a local mock-data crypto alert helper with misleading trading-label bugs, but it does not show hidden access, credential use, persistence, or destructive behavior.

Install only as a local demo or starting point. Do not treat its output as live market intelligence or trading advice until the mock-data limitation and inflow/outflow classification are corrected and independently tested.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The function claims to detect accumulation/distribution, but its implemented inflow/outflow semantics are inconsistent with the skill description. In a trading-alert skill, semantic inversion can cause downstream agents or users to interpret bullish activity as bearish, or vice versa, leading to incorrect automated decisions or financial losses.

Intent-Code Divergence

High

Confidence: 98% confidence
Finding: The alert labeling logic marks transactions as INFLOW when the sender is a known whale address, which contradicts the manifest's stated semantics that exchange receiving indicates inflow and outbound movement to cold storage indicates outflow. Because this skill produces actionable trading alerts, reversed labels can directly mislead operators or autonomous agents into taking the opposite market action.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal