Back to skill

Security audit

ZeroDust Chain Exit

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned and not malicious, but it deserves Review because it guides an agent through full-balance crypto sweeps with broad triggers and light safety framing.

Install only if you specifically want an agent to help empty native gas balances from supported chains. Before signing, verify the ZeroDust provider, source chain, destination chain and address, exact amount, fees, EIP-7702 delegation details, and revocation status; avoid batch sweeps unless each chain is reviewed individually.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README promotes sweeping 100% of a chain's native gas token balance to exactly zero without a prominent warning that this can strand the wallet on that chain by leaving it unable to pay future gas fees. In an agent skill context, users may interpret phrases like 'move all my ETH' or 'exit Polygon completely' as routine housekeeping and may not appreciate that this is an irreversible, operationally destructive action unless funds are later bridged or re-deposited.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are broad enough to match common wallet-management requests such as 'empty this wallet' or 'move everything,' which can cause the skill to activate in contexts where the user did not specifically intend a full-chain sweep. In this skill, unintended invocation is especially dangerous because the action empties the user's native balance and initiates a high-risk authorization flow involving EIP-7702 delegation.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill promotes sweeping to exactly zero balance without a prominent upfront warning that this is effectively wallet-emptying behavior and requires delegation authorization. Because the flow asks the user to sign EIP-7702 delegation and sweep messages, insufficient warning can lead users to approve powerful authorizations without understanding the irreversible loss of spendable gas balance or the security implications of delegation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.