SUPAH Token Guardian

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed paid token-safety scanner that calls SUPAH's API and does not show hidden, destructive, or unrelated behavior.

Install only if you are comfortable with your agent making outbound token-scan requests and spending $0.08 USDC per scan via x402. Require explicit confirmation before paid scans, leave SUPAH_API_BASE unset unless you trust the replacement endpoint, and treat /tmp/guardian-result.json as a local scan-output file that may be visible or overwritten on shared machines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding:
The skill advertises shell-capable dependencies (`curl`, `node`) and network access, but no explicit permissions model is declared to constrain or disclose those capabilities. In an agent environment, this can lead to unintended command execution and outbound requests under overly broad trust assumptions, especially because the skill also supports paid network calls and an overrideable API base.

Vague Triggers

Medium
Confidence: 77%
Finding:
The invocation examples are phrased very broadly (e.g. natural-language prompts like 'Should I ape into this token?' and 'Full security report on $PEPE'), which makes it easy for an agent to trigger the skill implicitly from ambiguous user input. In this skill, ambiguous triggering is more dangerous because each invocation can cause outbound requests and x402 micropayments, creating both financial and privacy/exfiltration risk from accidental activation.

VirusTotal

66/66 vendors flagged this skill as clean.
