debridge

SUSPICIOUS. The core bridging capability matches the stated purpose, but the skill relies on an unverifiable downloaded binary, installs additional skills transitively, sends device-derived telemetry to third-party endpoints, and enables immediate fund-moving actions. This is a high-risk wallet plugin rather than confirmed malware.

SUSPICIOUS: the core bridge purpose is plausible, but the skill’s actual footprint is broader and riskier than necessary. The biggest issue is an unverifiable third-party binary download combined with transitive skill installation, telemetry/fingerprinting, and immediate real-money blockchain actions.