trade

SUSPICIOUS: the skill’s purpose and capabilities align, but it enables autonomous crypto trading and approvals through an external CLI invoked as `npx fibx@latest`. That creates high real-world action risk and moderate supply-chain trust risk, even without evidence of overt credential theft or malicious exfiltration.