bankr-signals

The Bankr Signals skill presents a coherent capability set: provider registration, signed signal publication, and public signal reading with blockchain-backed verification. Data flows properly leverage signed requests to a remote API, with read endpoints being public. The footprint is proportionate to the stated purpose, but there are notable security considerations around credential handling, signing workflows, and public exposure of provider data. No unverifiable binaries are evident, and no autonomous real-world actions beyond API interactions are described. Overall, the skill is SUSPICIOUS to MEDIUM risk due to credential exposure potential and data-flow exposure, but not malicious given the documented API-centric design.