Bankr Agent - Arbitrary Transactions
Audited by Socket on Feb 15, 2026
1 alert found:
Security: The skill description enables a powerful capability (arbitrary EVM transaction submission) but omits essential trust, signer, and network details. This omission is a serious security gap because arbitrary calldata can transfer assets or grant privileges. Treat this artifact as high-risk unless an implementation enforces: (1) user-controlled signing (hardware wallet or explicit wallet connector), (2) explicit RPC/provider selection with no silent relays, (3) human-readable transaction summaries and user confirmation, (4) limits and whitelists for sensitive ABI patterns (e.g., approve), and (5) no storage of private keys or signed transactions on untrusted backends. Without those mitigations, the skill could enable credential harvesting, fraudulent transactions, or transaction exfiltration.