bsocial

SUSPICIOUS: The capability matches the stated BSocial purpose, but the skill is high risk because it lets the agent take autonomous public blockchain actions and encourages handling a raw WIF on the command line. The third-party Railway API is purpose-consistent but weakens data-flow trust. This looks more like a hazardous blockchain/posting skill than malware.