authenticate-wallet

The skill is coherent with its stated wallet-auth purpose, but it carries meaningful risk: it executes unpinned remote CLI code via `npx ...@latest`, forwards OTP data to an unspecified auth backend, and can deploy a blockchain account. This is better classified as suspicious/high-risk operational tooling rather than confirmed malware.