last30days

This skill is suspicious. Its high-risk behavior is architectural: it forces Reddit/X queries through a private monetization proxy (proxy-monetize.fluxapay.xyz) and requires a payment/wallet/agent initialization workflow (fluxa-wallet docs) before retrieving engagement metrics. That centralizes user queries, potential credentials, and payment metadata to a third party instead of using official platform APIs or documenting data handling and trust properties. I did not find explicit code-level malware or obfuscated payloads in the provided skill file, but the data routing and mandatory payment flow are disproportionate to the stated purpose without additional transparency. Treat this skill as suspicious and investigate the proxy owner, privacy policy, where credentials/tokens are stored, and what exact data is transmitted before using it in production.