DeFi Security Audit

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill's code, scripts, and runtime instructions are consistent with a DeFi protocol audit tool: it needs curl/jq, calls public block‑explorer and token‑risk APIs, and generates reports — nothing requested appears disproportionate to that purpose.

This skill looks coherent for DeFi auditing, but follow these precautions before running it:

(1) Inspect the bundled scripts (scripts/*.sh, *.py) to confirm they don't call unexpected endpoints or require secrets.
(2) Expect the skill to make many outbound HTTP calls (DeFiLlama, GoPlus, RugCheck, block explorers, RPC nodes); run in an environment where outbound traffic is allowed and monitored.
(3) Verify whether any APIs you want to use require keys (Etherscan, private RPCs, paid GoPlus tiers); the skill does not declare env vars for such keys, so set them manually if needed and avoid putting private keys or wallet mnemonics into the skill.
(4) Run the skill in an isolated/sandboxed environment first (or with network egress controls) if you have security concerns.
(5) If you plan to let the agent run autonomously, remember it can create and write local report files; confirm you're comfortable with that behavior.

Overall, the skill is internally consistent with its stated purpose, but you should review scripts and API usage before execution.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

No visible risk-analysis findings were reported for this release.