yield-agentkit

SUSPICIOUS: the skill is internally consistent with its DeFi purpose and uses a same-org MCP endpoint rather than suspicious installers, so it does not look malicious. However, it enables consequential financial actions and routes sensitive wallet/activity metadata through Yield.xyz, making it a medium-to-high security risk despite reasonable scope and no obvious credential harvesting.