Uniswap Setup Agent Wallet

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious on its face, but it can create and fund crypto wallets with broad defaults and unclear confirmation boundaries.

Review carefully before installing. Use only dedicated low-funded or testnet wallets at first, inspect the wallet-provisioner subagent separately, and require explicit confirmation of provider, chain list, funding source, funding amount, spending limits, and the config file contents before any wallet is created or funded.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The activation phrases are generic enough to match many ordinary wallet-related requests, which can cause the skill to run in situations the user did not specifically intend. In this skill, unintended activation is especially risky because the workflow can provision wallets, configure policies, fund addresses, and write persistent configuration, all of which can affect assets and system state.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill description does not warn that execution may create a new wallet, persist configuration files, and transfer funds for gas, which are material state-changing operations with financial consequences. Missing this warning increases the chance that a user or orchestrator invokes the skill without realizing it can move assets or modify local/project state.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal