token-swap

This skill legitimately requires access to an active wallet and on-chain data to perform token swaps. Those capabilities are high-risk because they enable irreversible financial operations (swaps, approvals). The manifest documents reasonable security rules (explicit confirmations, honeypot checks, slippage limits), but the security of the overall system depends critically on: (1) enforcing non-bypassable interactive confirmations in the execution path, (2) using only trusted RPCs and audited external services for quotes and security checks, and (3) limiting approval behaviors (bounded allowances, user consent for large approvals). No explicit signs of malware or obfuscation are present in this high-level fragment, but because of the high-impact operations, treat implementations as security-sensitive and review actual code paths, RPC endpoints, and allowance mechanics before use.