monitoring-whale-activity
Audited by Socket on Mar 5, 2026
1 alert found:
Obfuscated File

The described package appears to be a legitimate cryptocurrency ‘whale’ monitoring tool that uses appropriate public APIs and local watchlists. I found no explicit malicious code, obfuscated payloads, or hardcoded secrets in the provided content. The primary security concern is operational: the manifest's allowed-tools (Bash + broad filesystem R/W/Edit) are over-permissive for a passive monitoring utility and create a pathway for local data exposure or arbitrary command execution if the scripts or agent are compromised. Recommendations: (1) restrict runtime privileges (remove unnecessary shell access), (2) require/advise secure credential storage (environment variables or secrets manager) and avoid logging secrets, (3) audit the actual Python scripts (whale_monitor.py and helpers) for subprocess usage, remote downloads, or dynamic code execution before deployment, and (4) treat the bundled known-wallet DB as sensitive and document privacy/ethical uses.