Back to skill

Security audit

NadFun Token Creation

Security checks across malware telemetry and agentic risk

Overview

The skill appears to create Nad.fun tokens as advertised, but it can upload user content and perform irreversible blockchain transactions involving funds without a clear confirmation gate.

Review this skill before installing. Use it only if you are comfortable sending the selected image, token metadata, social links, wallet address, and token details to Nad.fun services, and require the agent to ask for explicit confirmation before any upload or blockchain transaction. Verify contract addresses, network, fee estimates, and any initial purchase amount before signing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (8)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to upload user-supplied images, token metadata, and related URLs to third-party Nad.fun infrastructure, but it does not require explicit user consent or clearly disclose that this content leaves the local/system boundary. This creates a privacy and data-handling risk because users may provide files, descriptions, or links assuming they are being processed locally when they are actually transmitted to an external service.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill guides the agent through on-chain token creation and optional initial purchase flows that spend real funds, incur network/deploy fees, and are effectively irreversible once broadcast. Without an explicit warning and confirmation gate, a user could trigger financially consequential blockchain transactions without understanding the cost, finality, or risk of loss.

External Transmission

Medium
Category
Data Exfiltration
Content
- **Returns:** `image_uri` (CDN URL) and `is_nsfw` (boolean)

```js
const imageResponse = await fetch("https://api.nadapp.net/agent/token/image", {
  method: "POST",
  headers: { "Content-Type": imageFile.type },
  body: imageFile,
Confidence
92% confidence
Finding
fetch("https://api.nadapp.net/agent/token/image", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
| `telegram` | string or null | Must contain `t.me` and start with `https://` |

```js
const metadataResponse = await fetch("https://api.nadapp.net/agent/token/metadata", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
Confidence
91% confidence
Finding
fetch("https://api.nadapp.net/agent/token/metadata", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
| `metadata_uri` | string | Metadata URI from Step 2 |

```js
const saltResponse = await fetch("https://api.nadapp.net/agent/salt", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
Confidence
90% confidence
Finding
fetch("https://api.nadapp.net/agent/salt", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
- **Returns:** `image_uri` (CDN URL) and `is_nsfw` (boolean)

```js
const imageResponse = await fetch("https://api.nadapp.net/agent/token/image", {
  method: "POST",
  headers: { "Content-Type": imageFile.type },
  body: imageFile,
Confidence
92% confidence
Finding
https://api.nadapp.net/

External Transmission

Medium
Category
Data Exfiltration
Content
| `telegram` | string or null | Must contain `t.me` and start with `https://` |

```js
const metadataResponse = await fetch("https://api.nadapp.net/agent/token/metadata", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
Confidence
91% confidence
Finding
https://api.nadapp.net/

External Transmission

Medium
Category
Data Exfiltration
Content
| `metadata_uri` | string | Metadata URI from Step 2 |

```js
const saltResponse = await fetch("https://api.nadapp.net/agent/salt", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
Confidence
90% confidence
Finding
https://api.nadapp.net/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.