Back to skill

Security audit

Privy Agentic Wallets

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent and security-aware, but it gives an agent powerful Privy crypto-wallet authority that can move real funds while the registry metadata does not declare the required secret credential.

Only use this skill with a dedicated Privy app, strict wallet policies, small balances, and explicit confirmation before every transaction. Add the Privy secret only after verifying the source, and treat all wallet actions as real financial operations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.prompt_injection_instructions

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
references/security.md:130

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
SKILL.md:192