Security audit

Teneo Agent SDK/CLI

Security checks across malware telemetry and agentic risk

Overview

This is a functional Teneo wallet/payment CLI, but it grants automatic crypto payment and transaction-signing authority and can print the wallet private key, so users should review it carefully before installing.

Install only if you intend to let this skill manage a Teneo payment wallet. Use a fresh low-balance wallet, avoid TENEO_PRIVATE_KEY for any valuable wallet, review prices before running paid commands, and treat wallet-export-key output as a live secret that should not appear in logs or transcripts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Context-Inappropriate Capability

Medium

Confidence: 97% confidence
Finding: The CLI includes a `wallet-export-key` command that decrypts and prints the private key to stdout, which is unnecessary for the core use case of querying agents and making micropayments. In an agent-driven environment, exposing the key in process output creates a direct path to full wallet compromise, fund theft, and impersonation if logs, transcripts, or downstream tools capture the output.

Intent-Code Divergence

High

Confidence: 99% confidence
Finding: The documentation states the key is never logged or transmitted, but the code can deliberately decrypt and output the private key through `wallet-export-key`. That contradiction can mislead users and integrators into trusting the tool with higher-risk automation, while a single invocation exposes the most sensitive secret the system holds.

Missing User Warnings

High

Confidence: 95% confidence
Finding: The skill advertises automatic payments and automatic transaction signing without requiring strong, per-action user consent. In a tool that can spend funds and sign on-chain transactions initiated by remote agents, this materially raises the risk of unauthorized spending, malicious transaction approval, and irreversible blockchain loss.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.