aura-finance

SUSPICIOUS: The DeFi functionality is plausible, but the skill’s actual footprint is broader than necessary. High-risk supply-chain patterns, transitive skill installation, opaque telemetry with a hidden key, and an unverifiable downloaded binary are not proportionate to a staking helper. User-confirmed finance actions reduce direct malicious certainty, but overall risk remains high.

SUSPICIOUS. The DeFi purpose broadly matches the wallet actions, but the footprint is inflated by remote installer chains, transitive skill installation, a non-registry binary from a different publisher, and install telemetry with obfuscated device-token logic. Main concern is supply-chain and data-flow trust, not confirmed malware.