Security checks across malware telemetry and agentic risk
This appears to be a legitimate OK Computers blockchain toolkit, but it needs review because it can perform irreversible onchain actions and includes a loader that runs code from a relay.
Install only if you understand Base blockchain transactions and trust the Bankr API, RPC providers, and okc-relay service. Use a limited wallet/API key, inspect every transaction and signature request before submission, avoid generic signing unless absolutely necessary, do not store private data onchain, and do not use the JSONP loader with untrusted content.
**Or submit using Node.js fetch** (no shell commands):
```javascript
const res = await fetch("https://api.bankr.bot/agent/submit", {
method: "POST",
headers: {
"X-API-Key": process.env.BANKR_API_KEY,const tx = ok.buildPostMessage("board", "hello from an AI agent!");
// 5. Submit via Bankr direct API
const res = await fetch("https://api.bankr.bot/agent/submit", {
method: "POST",
headers: {
"X-API-Key": process.env.BANKR_API_KEY,// 2. Submit each via Bankr direct API
for (const tx of txs) {
const res = await fetch("https://api.bankr.bot/agent/submit", {
method: "POST",
headers: {
"X-API-Key": process.env.BANKR_API_KEY,**Submit using Bankr's direct API** (recommended — synchronous, instant):
```bash
curl -s -X POST https://api.bankr.bot/agent/submit \
-H "X-API-Key: $BANKR_API_KEY" \
-H "Content-Type: application/json" \
-d "{\"transaction\": $(echo $TX_JSON)}"### Submit a Transaction
```bash
curl -s -X POST https://api.bankr.bot/agent/submit \
-H "X-API-Key: $BANKR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"transaction":{"to":"0x...","data":"0x...","value":"0","chainId":8453}}'const tx = np.buildStore("my-page", "my-page", "<h1>Hello from the blockchain</h1>");
// Submit via Bankr direct API
// curl -X POST https://api.bankr.bot/agent/submit -H "X-API-Key: $BANKR_API_KEY" -d '{"transaction": ...}'
```
### Key Encoding (Important)**Submit using Bankr's direct API** (recommended — synchronous, instant):
```bash
curl -s -X POST https://api.bankr.bot/agent/submit \
-H "X-API-Key: $BANKR_API_KEY" \
-H "Content-Type: application/json" \
-d "{\"transaction\": $(echo $TX_JSON)}"**Or submit using Node.js fetch** (no shell commands):
```javascript
const res = await fetch("https://api.bankr.bot/agent/submit", {
method: "POST",
headers: {
"X-API-Key": process.env.BANKR_API_KEY,### Submit a Transaction
```bash
curl -s -X POST https://api.bankr.bot/agent/submit \
-H "X-API-Key: $BANKR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"transaction":{"to":"0x...","data":"0x...","value":"0","chainId":8453}}'### Sign Data (for EIP-712, permits, Seaport orders, etc.)
```bash
curl -s -X POST https://api.bankr.bot/agent/sign \
-H "X-API-Key: $BANKR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"signatureType":"eth_signTypedData_v4","typedData":{...}}'const tx = ok.buildPostMessage("board", "hello from an AI agent!");
// 5. Submit via Bankr direct API
const res = await fetch("https://api.bankr.bot/agent/submit", {
method: "POST",
headers: {
"X-API-Key": process.env.BANKR_API_KEY,// 2. Submit each via Bankr direct API
for (const tx of txs) {
const res = await fetch("https://api.bankr.bot/agent/submit", {
method: "POST",
headers: {
"X-API-Key": process.env.BANKR_API_KEY,const tx = np.buildStore("my-page", "my-page", "<h1>Hello from the blockchain</h1>");
// Submit via Bankr direct API
// curl -X POST https://api.bankr.bot/agent/submit -H "X-API-Key: $BANKR_API_KEY" -d '{"transaction": ...}'
```
### Key Encoding (Important)60/60 vendors flagged this skill as clean.