signa

SUSPICIOUS: the skill is broadly consistent with its stated purpose, but it centralizes agent messaging/brain/capability traffic through a third-party hosted service and enables real outbound actions via wallet-signed DMs. The biggest risk is indirect prompt injection and unsafe automation of untrusted remote content, not confirmed malware.