Back to skill

Security audit

TruthSea Verifier

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned, but it asks users to give an external MCP package a raw blockchain private key for irreversible on-chain actions.

Review before installing. Use only a dedicated low-balance hot wallet, never a primary wallet or reused key, and disable or remove the MCP server when not needed. Confirm the exact truthsea-mcp-server package, version, publisher, and source before providing DEPLOYER_PRIVATE_KEY, and manually approve or pre-review any transaction-capable action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README instructs users to place a raw private key directly into MCP configuration as an environment variable, but provides no warning about secure secret handling, key scoping, or the risk of wallet compromise. In a skill that interacts with on-chain contracts and tokenized rewards, this normalization of unsafe key handling increases the chance that users expose signing credentials in plaintext config files, shell history, logs, or synced dotfiles.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The manifest explicitly declares a private key as the primary environment variable and states that supplying a wallet key enables write operations, but it does not provide an explicit warning about sensitive key handling, transaction signing, or the financial risk of on-chain actions. In a blockchain skill that can stake, slash, claim bounties, and create disputes, this omission is dangerous because users may expose a hot wallet key to an agent or unknowingly authorize irreversible transactions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal