Crypto Scam Detector

The skill appears to implement what it advertises (a local DB-first crypto scam detector that optionally syncs from Etherscan) and its files/instructions are broadly consistent with that purpose, but there are a few operational and hygiene notes you should review before installing.

This skill is coherent with its advertised purpose, but review the following before installing: 1) Inspect secure_key_manager.py to confirm API keys are stored locally and not exfiltrated; 2) Run install.sh interactively (or read it first) because it mutes output and could hide failures—prefer executing the pip commands by hand inside a venv if unsure; 3) Protect your ETHERSCAN_API_KEY: prefer storing it in a user-only key store or the encrypted setup wizard rather than embedding it in systemd unit files or global environment variables; 4) The background worker will make network calls to Etherscan (and possibly other listed sources like ChainAbuse per manifest). If you want strictly offline checks, avoid running the sync worker and accept 'unknown' results for addresses not yet in the DB; 5) Review requirements.txt to audit third-party dependencies; 6) Adjust any example systemd/crontab entries (they use a generic ubuntu path) to match your user and paths. If you want, I can scan secure_key_manager.py, sync_worker.py, and requirements.txt in detail and flag any specific code-level concerns.