Opinion Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Opinion prediction-market trading helper, but it can perform live wallet-backed financial actions with weak safeguards.

Install only if you intentionally want agent-assisted access to an Opinion trading wallet. Use a dedicated low-balance wallet, avoid main-wallet private keys, inspect or pin the cloned code and dependencies, protect .env, and require manual confirmation before every buy, sell, cancel-all, or enable-trading action.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill gives step-by-step instructions for placing, selling, and canceling market trades, including wallet setup and authorization, but does not prominently warn that these are real financial transactions with possible loss of funds and partially irreversible on-chain effects. In an agent context, this increases the chance a user or downstream system executes trades without informed consent or understanding of monetary risk.

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: The module hardcodes an HTTP API endpoint and uses it for all requests, so query parameters and responses are sent without transport encryption. This allows network observers or active attackers to read or tamper with traffic, which is especially risky for a shared configuration module because every importing script inherits the insecure transport.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal