helius

BENIGN in purpose alignment, but HIGH security risk in operation: the skill is coherent for Solana/Helius development yet grants an AI agent financial/on-chain actions and onboarding/billing workflows, plus unpinned npx-based tool installation. No direct evidence of malware or credential theft, but the autonomy and supply-chain footprint make it a high-risk vulnerable skill.