Leviathan News

The skill bundle is benign. While it requires access to a `WALLET_PRIVATE_KEY` environment variable, the `SKILL.md` documentation explicitly and repeatedly instructs the AI agent and user on secure handling: the private key is only to be used locally for message signing, never transmitted to the API, and no blockchain transactions are initiated. All network requests are directed to the legitimate `leviathannews.xyz` domain, and there is no evidence of prompt injection attempts, data exfiltration, or malicious execution instructions.