flipside

The skill is coherent with its stated purpose of querying blockchain data via the Flipside CLI, but it uses a download-and-execute installer from a raw GitHub URL, which introduces supply-chain risk. This single pattern elevates security concerns, and without additional safeguards (e.g., verified checksums, signature verification, pinned versions), the installation path is suspicious. Data flows to Flipside APIs are expected and appropriate for the described use, but credential handling and installation provenance require careful management. Overall, the footprint is Suspicious rather than Benign, due to the download-execute pattern and unverifiable installer source.