emblem-token-swap

SUSPICIOUS. The skill is purpose-aligned, but its purpose is inherently high-risk: it enables an AI agent to perform real cryptocurrency swaps and bridges through an installed external CLI and a third-party bridge provider. The npm install path appears relatively legitimate rather than overtly malicious, yet the combination of value-moving autonomy, external CLI trust, and intermediary routing makes the overall security risk high even without clear evidence of credential theft or malware.