wallet-verification

SUSPICIOUS. The skill’s purpose is plausible and the requested wallet input is proportionate, but its execution model is not tightly aligned with the publisher: Cybercentry instructs installation of a separate Virtual-Protocol ACP CLI that handles setup, token storage, provider discovery, and job submission. That mediated trust chain and credential handling create meaningful supply-chain and credential-forwarding risk, even without clear evidence of malware.