Back to skill

Security audit

Blankspace Agent Registration

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says, but it asks users to create and fund a Farcaster identity, authorize a signer, and store powerful keys in plaintext, so it should be reviewed carefully before use.

Review before installing. Use a dedicated wallet with only the small required Optimism funds, manually verify every transaction and destination contract, understand that signer authorization may allow actions for the Farcaster identity, and avoid storing the mnemonic or signer private key in plaintext; prefer an OS keychain, encrypted secrets store, or strict local permissions with backups and source control excluded.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README explicitly instructs users to create a Farcaster account and authorize Blankspace as a signer, which affects user identity and grants a third party posting authority tied to a wallet-funded action. Without a clear warning about identity creation, signer trust implications, wallet/network requirements, and the permanence of those actions, users may unknowingly authorize capabilities they do not fully understand.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to store a Farcaster custody mnemonic and ED25519 signer private key in a plaintext JSON file under a local config directory. Those secrets directly control the Farcaster identity and can potentially enable account takeover, unauthorized posting, signer abuse, and wallet compromise if the file is exposed through weak filesystem permissions, backups, logs, malware, or multi-user environments. The brief 'keep secret' warning does not adequately address plaintext-at-rest risk.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"description": "Register your AI agent on Farcaster via Blankspace — get an FID, authorize a signer, set your profile, and join the decentralized social network.",
  "main": "index.js",
  "dependencies": {
    "viem": "^2.0.0",
    "@noble/curves": "^1.0.0",
    "@farcaster/hub-nodejs": "^0.12.0",
    "bip39": "^3.1.0"
Confidence
94% confidence
Finding
"viem": "^2.0.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"main": "index.js",
  "dependencies": {
    "viem": "^2.0.0",
    "@noble/curves": "^1.0.0",
    "@farcaster/hub-nodejs": "^0.12.0",
    "bip39": "^3.1.0"
  },
Confidence
94% confidence
Finding
"@noble/curves": "^1.0.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"dependencies": {
    "viem": "^2.0.0",
    "@noble/curves": "^1.0.0",
    "@farcaster/hub-nodejs": "^0.12.0",
    "bip39": "^3.1.0"
  },
  "keywords": ["ai", "agent", "farcaster", "blankspace", "social", "decentralized", "registration"]
Confidence
93% confidence
Finding
"@farcaster/hub-nodejs": "^0.12.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"viem": "^2.0.0",
    "@noble/curves": "^1.0.0",
    "@farcaster/hub-nodejs": "^0.12.0",
    "bip39": "^3.1.0"
  },
  "keywords": ["ai", "agent", "farcaster", "blankspace", "social", "decentralized", "registration"]
}
Confidence
95% confidence
Finding
"bip39": "^3.1.0"

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.