kya
Audited by Socket on May 8, 2026
2 alerts found:
Anomaly (x2): The wrapper is primarily a CI bootstrap tool, but it introduces meaningful supply-chain and execution risks: it downloads and executes a remote `install.sh` from a fixed URL without integrity verification, and it prepends a potentially user-writable directory to PATH, which can enable `kya-agent` binary hijacking if the filesystem is compromised or shared. No direct malicious payload is evident in this wrapper alone, but its runtime installation behavior should be treated as high-risk and reviewed/pinned (e.g., hash/signature, pinned commit/artifact) and hardened (e.g., avoid broad PATH precedence, validate expected binary provenance).
SUSPICIOUS rather than clearly malicious. The skill’s crypto/attestation capabilities broadly match its stated purpose and its endpoints appear purpose-aligned, but it relies on mutable remote installer patterns for a prebuilt binary, instructs transitive use of another skill, and enables gasless blockchain actions with real-world consequences. No strong evidence of credential theft or off-purpose exfiltration is visible from the provided content alone.