Safe Skills

Key things to consider before installing or enabling this skill: - Verify the external service: the default API URL points to a Railway-hosted app (safeskill-production.up.railway.app). Confirm you trust the operator/owner before giving it any access to wallets or funds. - Metadata mismatch: the SKILL.md expects an API key and optionally SAFESKILLS_API_URL, but the registry declares no required env vars or primary credential. Ask the publisher to update metadata to explicitly list required env vars and the primary credential. - High-impact actions: the skill can create wallets and perform transfers or arbitrary contract calls. If you allow model invocation, require the agent to obtain explicit user confirmation for any transfer or transaction, or disable autonomous invocation. - Secret handling: the instructions say to "store the API key" but give no secure-storage guidance. Ensure the agent does not persist raw API keys in plaintext or expose them in logs. Prefer a vetted secret store and least-privilege policies. - Test safely: if you want to evaluate the skill, test using a testnet chain (Sepolia is the default chainId shown) and small amounts first. - If you cannot validate the service owner or the metadata fixes, treat this skill as untrusted and do not allow it to hold real funds or run autonomously. My assessment is "suspicious" (medium confidence) because the instructions and actions make sense for a secret/wallet service, but the missing declared credentials and lack of operational safeguards (where/how the API key is stored, user-confirmation for transfers, unverified external endpoint) are notable red flags. Additional information that would raise confidence to "high": explicit metadata listing required env vars/primary credential, published owner/contact information, and documented safe storage/confirmation behavior for transactions.