wdk

[Skill Scanner] Detected attempt to override previous instructions All findings: [CRITICAL] prompt_injection: Detected attempt to override previous instructions (PI001) [AITech 1.1] [HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3] The provided document is legitimate SDK documentation describing a multi-chain wallet with appropriate warnings about dangerous operations. I did not find direct evidence of malware, hard-coded credentials, or obfuscated malicious payloads in the text. However, there are notable supply-chain and operational risks: (1) explicit encouragement to always fetch latest packages (avoid pinning) increases exposure to malicious package updates; (2) automated fetching of external reference URLs can be abused to retrieve attacker-controlled content; (3) the suggested sodium shim disables memory zeroing in browser bundles, weakening key hygiene; (4) absence of guidance about verifying package integrity or using lockfiles. Recommend integrators: pin package versions, use package-lock / yarn.lock, verify integrity/signatures, restrict automated web fetches to trusted sources, avoid disabling secure memory zeroing in production, and implement strict user confirmation and input validation for all write operations. LLM verification: The skill documentation itself is not malicious code but controls highly sensitive operations (seed phrases, signing, sending funds) and contains guidance that, if followed naively, increases supply-chain and operational risk (un pinned package installs, arbitrary RPC endpoints, agent-run web_fetch). Main recommendations: enforce strict confirmation flows before any write action; never log or transmit seed phrases/key material; pin and vet package versions in production or require signed release