Back to skill

Security audit

Philidor — DeFi Vault Intelligence

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Philidor DeFi analysis helper that uses an external CLI/API for vault and portfolio lookups, with no evidence of hidden control, fund movement, persistence, or destructive behavior.

Install this only if you trust Philidor's npm CLI and API. Treat its DeFi risk scores and yield recommendations as informational, and avoid submitting wallet addresses unless you are comfortable sharing linkable public on-chain activity with the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs agents to analyze wallet addresses without warning that the address and associated portfolio holdings will be sent to the Philidor service. Even though blockchain addresses are often public, linking a user-supplied address to their current request can disclose sensitive financial context to a third party and violate user expectations or privacy requirements.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.