openfort

SUSPICIOUS: the skill is mostly aligned with Openfort development and uses same-org official tooling, so it does not look malicious. However, it materially expands from documentation into authenticated wallet and transaction operations, giving an AI agent financial-action capability and access to sensitive wallet/API credentials; that makes the skill high-impact and risky even without evidence of exfiltration.