SunSwap DEX Trading

Fail

Audited by Socket on Mar 3, 2026

1 alert found:

Obfuscated File
Severity: HIGH
File: SKILL.md

The described skill legitimately provides automated swap tooling for SunSwap on TRON but requires storing a raw TRON_PRIVATE_KEY in environment variables and encourages automation that can perform irreversible on-chain transactions. Because no implementation code was supplied, we cannot assert whether the scripts leak keys or phone home; however, the design choices (env private key, unpinned npm installs, AI-driven --execute) present real supply-chain and operational risks.

Recommended mitigations before use with high-value keys:

1) Require an audit of the actual JS scripts and dependency lockfile.
2) Use hardware wallets or delegated signing services rather than raw private keys.
3) Pin and verify dependency checksums.
4) Enforce interactive human confirmation or multi-sig for significant transfers.
5) Run in a least-privilege environment (ephemeral/test wallets for automation).

Treat the package as medium risk until code and dependencies are audited.

Confidence: 98%
Audit Metadata
Analyzed At
Mar 3, 2026, 03:22 AM
Package URL
pkg:socket/skills-sh/BofAI%2Fskills%2Fsunswap-dex-trading%2F@9d6bdc80f0713e02a9773442e48e29da7ad55b6a