Token Scout

The skill is internally coherent for on-chain token scanning: it only calls public aggregator APIs and prints analysis, asks for no secrets, and requires only common CLI tools — review scripts before running but there are no obvious malicious behaviors.

This skill appears to do exactly what it says: run the bundled shell scripts to query public token aggregator APIs and compute buy:sell ratios. Before installing or running: 1) review the scripts yourself (they will execute shell commands and make outbound HTTP requests to api.geckoterminal.com); 2) ensure you run them in a safe environment (they do not require secrets, but never run unreviewed scripts with elevated privileges); 3) install 'bc' if your system doesn't have it (scripts assume it); 4) note that 'deep-research.sh' referenced in messages is not included — don't rely on it; 5) avoid pasting private keys or wallet secrets into these tools. If you want extra assurance, run the scripts in an isolated container or VM and inspect network traffic to confirm endpoints.