swarm-vault-manager-trading

[Skill Scanner] Natural language instruction to download and install from URL detected This SKILL.md describes a legitimate but high-risk management capability: executing swaps and arbitrary transactions across swarm member wallets. The functionality, required API key, and endpoints are internally consistent with the stated purpose. The main security concern is not hidden malicious code but the powerful privileges the skill enables: a compromised or misused manager API key (or malicious transaction template supplied by the manager) can result in theft of funds (transfers, approvals, draining). There are no indicators of obfuscated or overtly malicious code in this document. Recommended controls: enforce least-privilege API keys, require confirmation/2FA for execute-swap/execute-transaction, audit logging, rate limits, and safe template validation to prevent accidental mass-drain operations. LLM verification: This skill's documented functionality is coherent with a manager role that must inspect holdings and execute swaps, but it exposes high-risk capabilities (arbitrary ABI/raw transaction execution across many member wallets and template placeholders that can express 100% transfers). There is no documentation of least-privilege scopes, confirmation/approval workflows, or safeguards to prevent mass exfiltration of funds. I assess this as SUSPICIOUS: not obviously malicious in the fragment, but high-