Back to skill

Security audit

DeFi Security Audit

Security checks across malware telemetry and agentic risk

Overview

This is a purpose-aligned DeFi research skill, but users should understand it sends lookup targets to public APIs and can produce high-stakes risk guidance.

Install only if you want DeFi protocol research that uses public web and blockchain APIs. Do not provide wallet seed phrases, private keys, or transaction-signing authority; treat generated recommendations as informational security analysis, not financial advice, and verify current protocol state before acting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Missing User Warnings

Low
Confidence
92% confidence
Finding
The README explicitly describes pulling protocol data from DeFiLlama, GoPlus, and performing on-chain verification, but it does not clearly warn that user-supplied protocol identifiers, URLs, contract addresses, or related lookup targets may be sent to third-party services. This creates a real transparency and privacy issue because users may assume analysis is local when in fact their investigation targets can be disclosed externally.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger phrases are broad enough that ordinary user requests like 'check security' or 'is it safe' could invoke this skill unintentionally. Because the skill has network and shell-capable tooling, accidental invocation increases the chance of unnecessary external requests, data disclosure about user-supplied targets, or unexpected tool execution.

Missing User Warnings

Low
Confidence
94% confidence
Finding
The document gives concrete investment-oriented guidance such as preferring one asset over another, setting depeg alerts, and conditions for exiting, while the non-financial-advice disclaimer appears only at the very end. In a DeFi security-audit skill, users are especially likely to treat recommendations as actionable financial guidance, so delayed disclosure increases the chance of inappropriate reliance and regulatory/compliance exposure.

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The document makes a strong historical exploit analogy and specifically claims an attack 'drained $285M from Drift Protocol' without qualification, which appears likely incorrect or at least materially misleading. In a DeFi security-audit skill, inaccurate exploit attribution can mislead users' risk assessment, undermine trust in the analysis, and cause downstream decisions based on false precedent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The document gives concrete user-facing financial recommendations such as advising existing depositors to consider migrating funds and potential users to wait before depositing, but it does not include a prominent, specific warning that users may lose money and that the content is not financial advice. In a DeFi security-audit skill, readers are especially likely to act on such guidance, so the omission increases the chance of harmful reliance on the analysis.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The recommendations section gives actionable investment and risk-management guidance such as avoiding certain pools, waiting for audit confirmation, and limiting position sizes, but it does not clearly state near that section that users can lose money and that the guidance is not personalized financial advice. In a DeFi security-audit skill, users may treat these recommendations as authoritative, which increases the chance of financial harm if they rely on them without understanding their own risk tolerance or circumstances.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The recommendations section gives actionable protocol and portfolio guidance such as diversifying wrapped BTC exposure and using specific monitoring/verification steps, but the file does not place a clear, proximate warning that these actions are not financial, investment, or operational security advice and may affect user funds. In a DeFi audit skill, readers may treat the content as authoritative and act on it directly, increasing the chance of loss from misapplication, stale data, or overreliance on incomplete analysis.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger list contains broad phrases such as "check security" and "is it safe", which can match many generic user requests unrelated to DeFi protocols. This can cause the skill to activate outside its intended scope, leading to inappropriate handling of prompts and increasing the chance of misleading security analysis in unrelated contexts.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The script sends the Etherscan API key in the request URL query string. Query parameters are commonly exposed via shell history, process listings, proxy/load-balancer logs, browser-like tooling logs, and debugging output, so the key can be disclosed to other local users or logging systems even though the transport is HTTPS.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.