Stablecoin Yield Radar

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow stablecoin-yield lookup helper that uses Barker's disclosed public API and does not install code, request credentials, or perform transactions.

Install only if you are comfortable with the agent making public API requests to Barker for stablecoin yield data. Treat results as informational, not financial advice, and verify any opportunity directly before moving funds.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill directs the agent to send user-derived query parameters to a third-party API without disclosing that user interests and filters may be transmitted externally. Even if the data sent is limited, queries can reveal financial intent, holdings of interest, or region/language preferences, creating a privacy and consent risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal