solidity-crosschain
Audited by Socket on Feb 21, 2026
1 alert found:
Anomaly [Skill Scanner]: Skill requests high-risk tools: Bash

No direct malicious code or obfuscation found. The skill is plausible and aligns with its stated purpose. Main risks are operational: it generates deployable scripts and allows shell execution (Bash/Task) but lacks explicit guidance for secure credential handling and per-action confirmations. If an agent is given execution rights and access to private keys or RPC credentials, the skill could enable real-world transactions that lead to loss or leakage. Recommend: require explicit user confirmation before any deployment/transaction, instruct secure secret handling (env vars, hardware wallets), and limit automatic execution of generated scripts.

LLM verification: [LLM Escalated] The skill documentation is coherent and its capabilities align with its stated cross-chain development purpose. There is no direct evidence of malicious code or obfuscation in the skill text. However, the manifest allows high-risk tools (Bash, Task plus broad file read/write/edit permissions) which significantly raise supply-chain and operational risk if the agent runs commands or installs packages automatically. Treat this skill as suspicious/vulnerable in live execution contexts: require manua