alby-bitcoin-payments-cli-skill

SUSPICIOUS: the skill’s capabilities match its stated Bitcoin wallet purpose, and the CLI appears to be distributed through an expected same-org/npm path rather than an unknown binary. However, it handles raw wallet-control secrets and enables autonomous money movement, so the security risk is medium-high even without evidence of malicious intent.