If you are a developer testing this tool, never use your primary "hot" wallet. Use a with zero funds to see how the script interacts with the blockchain before trusting it with assets.
If the script asks for your Private Key or Seed Phrase directly, it is almost certainly a scam. Best Practices for Testing bryan_airdrop-main.zip
Python or JavaScript files (like index.js or claim.py ) meant to interact with smart contracts. If you are a developer testing this tool,
Have you audited the code? Many malicious scripts hidden in .zip files are obfuscated to hide functions that send your seed phrase to a remote server. Best Practices for Testing Python or JavaScript files
In many cases, files with these naming conventions (a name followed by "airdrop-main.zip") are distributed via social media or Telegram as "drainers" or phishing tools designed to steal funds from users' wallets.
.env files where users are asked to input private keys or API details.