pancakeswap
Audited by Socket on Apr 9, 2026
2 alerts found:
Security x2
SUSPICIOUS. The PancakeSwap purpose broadly matches swap/liquidity behavior, but the actual footprint is disproportionate: it installs a separate unverifiable binary from a third-party GitHub release, installs other skills transitively, fingerprints the device, and sends telemetry to a Vercel endpoint and OKX. Combined with autonomous financial transaction capability, this makes the skill high risk even though the OKX onchainos installer itself appears same-org and documented.
SUSPICIOUS. The stated DeFi purpose aligns with swap/liquidity capabilities, but the skill's footprint is broader and riskier than necessary: transitive skill installs, `curl|sh`, a direct-release binary download, install telemetry with device fingerprinting, and immediate real-money actions through external tooling. Main concern is high supply-chain and operational risk rather than confirmed malware.