predict-worknet

This fragment is a typical remote binary installer, not an obvious in-script malware dropper. The main security issue is supply-chain trust: it downloads and installs a binary from GitHub 'latest' without checksum/signature verification and can run with elevated privileges during installation. macOS quarantine removal further reduces safety friction around an unverified executable. To mitigate, pin a specific release/tag/commit and verify the binary via published checksums or signature before chmod/move.

SUSPICIOUS. The skill's crypto prediction purpose matches some wallet and market actions, but its actual footprint is too risky: it installs and relies on opaque third-party CLIs, funnels wallet/auth operations through them, and directs the agent to perform continuous autonomous prediction-market actions for token rewards. The unverifiable binary dependency and credential-forwarding pattern materially elevate security risk.