cardano-staking

The skill aligns with its stated purpose of checking Cardano stake delegation and rewards, but it introduces a notable credential exposure risk by requiring SEED_PHRASE in the environment. The overall threat posture is MEDIUM with a leaning toward SUSPICIOUS due to potential credential leakage and ambiguous supply-chain assurances. If implemented, ensure secret handling is strictly confined, secrets are never logged, and the MCP client is from a verified source with verifiable integrity (signatures, pinned version, or a vetted internal registry).