Security audit

Orderly One Dex

Security checks across malware telemetry and agentic risk

Overview

This is a coherent, instruction-only guide for managing an Orderly DEX, with expected but sensitive wallet-signing and external API steps.

Install only if you intend to manage an Orderly One DEX. Before signing wallet messages, transferring tokens, registering accounts, or finalizing admin wallets, verify the official Orderly domain, inspect the exact payload, confirm chain IDs, recipients, fees, and broker IDs, and prefer testnet or a limited-purpose wallet for setup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 87%
Finding: The skill instructs users to generate wallet signatures and send signed registration payloads, addresses, and broker/account metadata to external APIs, but it does not include any explicit user-facing warning, consent checkpoint, or guidance on verifying the domain and signed message scope. In a wallet-based workflow, signatures are sensitive authentication artifacts; omitting disclosure and verification guidance increases phishing, account-linking, and unintended authorization risk.

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:
**EVM Wallet:** 4. Register with Orderly Network API:

- `GET https://api.orderly.org/v1/registration_nonce`
- Sign EIP-712 typed data: `{ brokerId, chainId, timestamp, registrationNonce }`
- `POST https://api.orderly.org/v1/register_account` with `{ message, signature, userAddress, chainType: "EVM" }`
Confidence: 81%
Finding: https://api.orderly.org/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:
- `GET https://api.orderly.org/v1/registration_nonce`
- Sign EIP-712 typed data: `{ brokerId, chainId, timestamp, registrationNonce }`
- `POST https://api.orderly.org/v1/register_account` with `{ message, signature, userAddress, chainType: "EVM" }`

5. `POST /api/graduation/finalize-admin-wallet` (empty body)
Confidence: 91%
Finding: https://api.orderly.org/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:
**Solana Wallet:** 4. Register with Orderly Network API:

- `GET https://api.orderly.org/v1/registration_nonce`
- Sign message with Solana wallet: `{ brokerId, chainId: 900900900, timestamp, registrationNonce }`
- `POST https://api.orderly.org/v1/register_account` with `{ message, signature, userAddress, chainType: "SOL" }`
Confidence: 80%
Finding: https://api.orderly.org/

External Transmission

Severity: Medium
Category: Data Exfiltration
Content:
- `GET https://api.orderly.org/v1/registration_nonce`
- Sign message with Solana wallet: `{ brokerId, chainId: 900900900, timestamp, registrationNonce }`
- `POST https://api.orderly.org/v1/register_account` with `{ message, signature, userAddress, chainType: "SOL" }`

5. `POST /api/graduation/finalize-admin-wallet` (empty body)
Confidence: 90%
Finding: https://api.orderly.org/

VirusTotal

65/65 vendors flagged this skill as clean.