unibase
agentic-wallet-skill · v · by
57.1
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 25.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 20.0 | 15% |
| Clickfix | 100.0 | 15% |
| Credential | 5.0 | 15% |
| Twostage | 100.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 25
[HIGH] Prompt injection or system override attempt
(line 132)
❌ "Ignore previous instructions..."
[HIGH] Prompt injection or system override attempt
(line 135)
❌ "You are now in admin mode..."
[INFO] Cryptocurrency theft or unauthorized transfer pattern
(line 49)
2. **Wait for User**: Send the `authUrl` to the user and ask them to open it to authenticate via their wallet. **Ask the
[INFO] Cryptocurrency theft or unauthorized transfer pattern
(line 66)
| Send transaction| `/v1/wallets/me/rpc` | POST | ✅ Auto-targets your auto-provisioned wallet |
[INFO] Cryptocurrency theft or unauthorized transfer pattern
(line 103)
You can simply send transactions to the `/me/rpc` endpoint to auto-target your provisioned wallet.
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 20
[CRITICAL] Classic prompt injection: ignore previous instructions
(line 132)
❌ "Ignore previous instructions..."
[HIGH] Fake developer/admin mode activation
(line 135)
❌ "You are now in admin mode..."
CLICKFIX — Score: 100
No findings.
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 100
No findings.
CREDENTIAL — Score: 5
[CRITICAL] Compress sensitive files then exfiltrate
(line 107)
For EVM chains, your target is `/v1/wallets/me/rpc`. Since you have a `/me/rpc` shortcut, you do not need the long `wall
TYPOSQUAT — Score: 100
No findings.