ton-cli

SUSPICIOUS: the skill is coherent with its stated TON wallet purpose and appears to use an official TON-distributed npm package, so it is not clearly malicious. However, it enables direct financial actions, handles wallet secrets, and relies on `npx` execution of a mutable `@alpha` package, making the overall risk medium-to-high even with user-confirmation guidance.