across

SUSPICIOUS: the stated bridge purpose matches quote/status lookup and transaction submission, but the footprint is disproportionate because it installs extra skills, fetches an unverifiable binary, and performs unnecessary device-fingerprinting telemetry to third-party endpoints. The financial-action capability is expected for a bridge, yet the supply-chain and telemetry behavior materially elevates risk.