four-meme

SUSPICIOUS. The stated purpose fits DeFi trading, but the actual footprint is broader than necessary: it installs an unverifiable third-party binary, installs additional skills transitively, and performs hidden install telemetry with device fingerprinting to a Vercel endpoint and OKX. The official OKX onchainos installer appears legitimate, but the plugin-store and four-meme distribution chain is not proportionate or clearly attributable to the claimed skill publisher.