KarmaBank

The skill implements a credit system for AI agents, integrating with Moltbook for karma scoring and Circle for USDC transactions. While the core logic appears aligned with its stated purpose and includes warnings about API key security, the `TODO.md` file contains a hardcoded Moltbook API key (`moltbook_sk_h0B8I5q_Cgi6ijfo4eTF9n2YvsHjhnnI`). This constitutes a data exposure vulnerability, as an AI agent could be prompted to extract and potentially misuse this credential, even if it's for a test account. This is a risky capability (credential exposure) without clear malicious intent to harm the end-user, thus classified as suspicious.