Security audit

Find Crypto Skills

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent for finding crypto-related skills, but users should review any third-party skill before installing it globally.

Before installing any skill this finds, review the target skill’s source, publisher, and permissions. For crypto tools, never provide seed phrases or private keys, and use restricted exchange API keys without withdrawal permissions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The description says the skill should be used whenever the user is looking for cryptocurrency, blockchain, DeFi, or trading functionality that might exist as an installable skill, which is broad enough to match general crypto questions that are not actually about discovering skills. Over-broad routing can cause the agent to steer users toward package search and installation flows unnecessarily, increasing the chance of unsafe or irrelevant third-party skill recommendations in a high-risk crypto context.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger list includes broad phrases like "how do I trade X" and mentions of exchanges, DeFi, NFTs, staking, and wallet monitoring without requiring explicit intent to discover a skill. In practice, this can misroute ordinary financial or educational queries into a software installation path, which is more dangerous here because crypto-related skills may request API keys, automate trades, or interact with wallets and exchanges.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill tells the agent to offer installation using `npx skills add <owner/repo@skill> -g -y`, which performs global installation and auto-confirms without surfacing the risk to the user. In a crypto-focused ecosystem, silently encouraging global, non-interactive installation of third-party skills raises supply-chain and privilege risks, especially if those skills later handle exchange credentials, wallet data, or trading actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal