Ordiscan

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do what it says, but it can sign real USDC payments from an Ethereum private key without a built-in spending cap or confirmation step in its default script.

Install only if you trust Ordiscan and are comfortable using a dedicated, low-balance Ethereum wallet for USDC payments. Review the 402 price, recipient, and destination before signing, prefer flows with explicit max amounts, and remember that inscription content is sent to Ordiscan and can become permanently public on Bitcoin.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The sign command will blindly parse an untrusted Payment-Required header and produce a valid ERC-3009 USDC authorization for the first offered payment option without any explicit user confirmation, destination allowlisting, amount cap, or human-readable risk prompt. Because this authorization enables token transfer by the recipient within the validity window, any workflow that feeds attacker-controlled headers into this script can cause unintended real-value payments from the wallet.

VirusTotal

66/66 vendors flagged this skill as clean.