Back to skill

Security audit

Hyperliquid Perp Signals

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it presents trading signals as live market intelligence while the bundled code generates deterministic mock data.

Install only if you want a demo or template for a future market-data scanner. Do not use its output for real trading decisions unless the mock functions are replaced with verified live exchange data and the CLI clearly labels data source and freshness.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
This skill appears to market itself as a live trading signal system while reportedly using fabricated or mock market data and incomplete exchange coverage. In a trading context, that mismatch is dangerous because users may make real financial decisions based on synthetic signals they believe reflect live Hyperliquid, Binance, or Bybit conditions, creating substantial risk of loss and undermining operator trust.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The skill advertises live Hyperliquid/Binance perpetual signal scanning, but the core data sources are fabricated by local mock generators rather than fetched from real venues. In a trading context, this is dangerous because users may make financial decisions based on synthetic outputs that appear legitimate, causing direct monetary loss and undermining trust in the agent.

Intent-Code Divergence

Low
Confidence
94% confidence
Finding
The docstring describes production behavior that posts to Hyperliquid and parses results, but the implementation only returns deterministic synthetic data. This mismatch is a security-relevant integrity issue because it can mislead reviewers and operators into believing the tool is consuming live market data when it is not.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.