ATXP

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill's described functionality matches the npx-based CLI it documents, but the runtime instructions reference local config and an environment variable (and rely on npx downloading code) without declaring those requirements — this is an incoherence that could expose credentials or cause unexpected code execution.

Before installing or running this skill:

1) Be aware that the SKILL.md tells you to run npx atxp. npx will download and execute code from npm at runtime. Only proceed if you trust the package publisher; inspect the package source (npm/GitHub) first.
2) The instructions ask you to source ~/.atxp/config and to check $ATXP_CONNECTION even though the skill metadata declares no credentials; inspect that file to see what secrets it contains and avoid blindly sourcing it into a shell.
3) Treat agent creation and funding flows as financial actions: verify destination wallets/Stripe links and never send funds unless you fully trust the service.
4) If you want to test, run npx / the package in an isolated environment (temporary VM or container) and review the package contents before executing.
5) Prefer skills with declared requirements and a verifiable homepage/repository; the lack of a homepage and missing dependency declarations is an unresolved risk.

If you can obtain the npm package name, repository, or vendor verification and review the source, that information would materially increase confidence.

SkillSpector

By NVIDIA

SkillSpector findings are pending for this release.

Static analysis

Static analysis findings are pending for this release.

VirusTotal

No VirusTotal findings
