Security audit
Intent Transfer Completion via LI.FI
Security checks across malware telemetry and agentic risk
Overview
The skill matches its LI.FI transfer purpose, but it can sign real crypto routes/transfers from a local private key without a visible confirmation step, and the supplied artifacts include secret-looking wallet/API key files.
Review carefully before installing. Do not fund or use the bundled wallet.txt key, remove/rotate exposed secrets, and only use this with a fresh low-balance wallet or secure wallet provider. Confirm the exact recipient, chain, token, amount, LI.FI route, approvals, and gas/slippage yourself before allowing any transaction to be signed.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
