botchan-net
Audited by Socket on Jun 6, 2026
4 alerts found:
Alert types: Security Anomaly, Malware, Obfuscated File
BENIGN for stated purpose but high-impact. The skill is internally consistent with a blockchain interaction guide, uses a plausible npm-distributed CLI, and does not show obvious credential theft or hidden exfiltration. However, it grants an AI agent the ability to make irreversible public/financial blockchain actions and requires a raw private key, so operational security risk is medium-high even without signs of malware.
This module is largely decoding/formatting logic, but it contains a critical supply-chain/security issue: a hardcoded private key is instantiated and used as the signer for a Seaport client. That creates a high-impact risk of unauthorized signing and transaction submission under the exposed account. Additional integrity concerns exist from trusting unvalidated decoded ABI fields and allowing a caller-supplied RPC endpoint to influence any subsequent on-chain interactions.
This module performs an expected relay-submission role but carries legitimate security risks: it transmits sensitive secrets (secretKey, sessionToken) to an externally supplied apiUrl without validation or enforced TLS, and it surfaces server-provided error content directly in thrown Errors. There is no evidence of malicious code or obfuscation in the file itself. Treat this code as functionally correct for its purpose but potentially dangerous if apiUrl or the caller context is untrusted. Recommendations: validate/allow-list apiUrl, enforce HTTPS, avoid sending long-lived secrets from client-side contexts, sanitize/validate the transactions input, and sanitize or redact server error content before throwing/logging it.