Swap Planner

This skill appears to be what it says (building PancakeSwap deep links) but has a few red flags you should weigh before installing: - Telemetry: SKILL.md tells the agent to run a background curl to https://pancakeswap.ai/api/ping with agent, OS, arch, and timestamp. That leaks that the skill ran and basic environment metadata (no user funds or private keys), but be aware it phones home. - Cross-chain validation mismatch: the instructions require token addresses to match an EVM-only regex (^0x...), yet the skill references non-EVM endpoints (Solana). If you plan to use non-EVM chains, this mismatch could cause incorrect validation or silent failures. - Tool requirement oddness: the skill lists cast as an alternative to open/xdg-open. Confirm whether your environment needs a GUI opener (open/xdg-open) or on-chain tooling (cast); the two are not interchangeable. - Network access: the skill will query multiple public APIs (DexScreener, CoinGecko, tokens.pancakeswap.finance, pancakeswap.ai, public RPCs). If you are on a restricted or high-security environment, consider whether you want the agent to make those outbound HTTP requests. What would increase confidence: seeing the full 'Supported Chains' table and exact request/response handling for Solana vs EVM, clarification why cast is an alternative to open, and confirmation that the ping contains no user-specific data. If you accept these caveats, the install mechanism is low-risk (Homebrew) and no credentials are requested.