cli-anything-eth2-quickstart

SUSPICIOUS: the capability set mostly matches the stated Ethereum node-management purpose, but it grants an agent high-impact infrastructure actions including public RPC exposure and execution of external shell scripts from a repo whose provenance is not established in the provided text. No clear credential theft or exfiltration is evident, so this looks more like a high-risk ops skill than confirmed malware.