cobo-agentic-wallet-dev
Audited by Socket on Apr 10, 2026
2 alerts found:
Security (x2)

No explicit backdoor/exfiltration/credential-stealing logic is present. The main security issue is supply-chain integrity: the script downloads and extracts executable tarballs and then installs them with execute permissions, but it does not enforce pinned checksum/signature verification for either artifact (and caw has no hash verification at all). It also extracts untrusted tarballs without explicit hardening and executes the cached/installed caw binary for version checking. Treat as a significant supply-chain risk requiring stronger integrity validation and safer archive handling.
The core wallet and transaction capabilities are aligned with the stated purpose, but this is still a high-risk skill because it authorizes real crypto actions and instructs the agent to install/update additional skills from a third-party registry workflow. The biggest concern is transitive trust: remote skill discovery and installation can extend the agent's behavior beyond the reviewed skill.