rhino-strategy
Audited by Socket on Apr 16, 2026
2 alerts found:
Anomaly (Security): No malicious code is present in the provided fragment itself; it contains only installation and run instructions. However, it instructs the user to download executable Python scripts from a remote GitHub branch via curl with no visible integrity controls (no commit pinning, hash check or signature verification) and then to execute them on an indefinite cron schedule. This creates a significant supply-chain execution risk: a branch is mutable, so any upstream change is pulled and executed automatically, and malicious code could be introduced later without any change to the package itself. Whether the scripts actually contain malware or exfiltrate data cannot be determined without reviewing the contents of rhino-scanner.py and rhino_config.py.
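The alert above names the missing controls (pinning, hash or signature verification) without showing what they look like. The following installer fragment is an added example written for this page; it is not code from the rhino-strategy package, from Senpi, or from Socket's audit. The URL base, commit SHA, file name and expected digest are placeholders that a real installer would fill in; the point is the shape: fetch from an immutable commit rather than a branch, compare the file's SHA-256 against a value recorded in the installer, and only then hand the file to the interpreter or to cron.

```shell
#!/bin/sh
# Added example for this audit page; not part of rhino-strategy.
# Demonstrates hash-verified fetching of a remote script before it is
# executed, instead of "curl <branch URL> | run".

# sha256_of FILE -> prints the hex SHA-256 of FILE.
# Uses sha256sum where available (Linux) and falls back to shasum (macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# verify_script FILE EXPECTED_SHA256
# Returns 0 when the file's digest matches the pinned value, 1 otherwise.
verify_script() {
  actual=$(sha256_of "$1")
  if [ "$actual" = "$2" ]; then
    return 0
  fi
  printf 'hash mismatch for %s\n  expected %s\n  actual   %s\n' \
    "$1" "$2" "$actual" >&2
  return 1
}

# fetch_pinned RAW_BASE COMMIT_SHA FILE DEST EXPECTED_SHA256
# Downloads FILE at a specific commit (never a branch name, which can move)
# into a temporary path, verifies it, and only then moves it into place.
# All arguments are assumptions supplied by the caller; nothing here is
# taken from the package's real install instructions.
fetch_pinned() {
  raw_base=$1; commit=$2; file=$3; dest=$4; expected=$5
  curl -fsSL "$raw_base/$commit/$file" -o "$dest.tmp" || return 1
  if verify_script "$dest.tmp" "$expected"; then
    mv "$dest.tmp" "$dest"
  else
    rm -f "$dest.tmp"
    return 1
  fi
}

# run_verified FILE EXPECTED_SHA256 [ARGS...]
# Re-checks the digest at each scheduled run, so a cron job executes the
# script only if the on-disk copy is still the one that was reviewed.
run_verified() {
  file=$1; expected=$2; shift 2
  verify_script "$file" "$expected" || return 1
  python3 "$file" "$@"
}

# Example wiring (hypothetical values; the digest would be recorded after
# the reviewed commit was inspected):
#   fetch_pinned https://raw.githubusercontent.com/OWNER/REPO \
#     0123456789abcdef0123456789abcdef01234567 rhino-scanner.py \
#     /opt/rhino/rhino-scanner.py <sha256-of-reviewed-file>
#   cron entry: */5 * * * * /opt/rhino/run.sh
#   where run.sh calls: run_verified /opt/rhino/rhino-scanner.py <sha256>
```

The verification step is deliberately separate from the fetch so the same check can run at every cron tick; a branch-based `curl ... | python` pipeline would instead re-download and trust whatever the branch currently points to. Signature verification (for example a detached signature checked with the project's published key) would be a further step on top of the digest check, and is not shown here.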
The skill is purpose-consistent and uses publisher-aligned Senpi infrastructure, so there is limited evidence of malware or deceptive supply-chain behavior. However, it grants an AI agent autonomous cryptocurrency trading capability with pyramiding and recurring cron execution, which creates high real-world risk; the main concern is autonomy and credentialed action, not confirmed malicious intent.