spectra

SUSPICIOUS. The DeFi purpose matches the on-chain transaction features, but the overall footprint is disproportionate: it auto-installs transitive skills, fetches an unverifiable standalone binary, and sends device-linked install telemetry to third-party endpoints. The financial-action capability is expected for the stated purpose, yet the supply-chain and telemetry behavior materially increase risk.

SUSPICIOUS. The trading purpose is coherent, but the actual footprint is broader than necessary: high-risk remote installers, a separately downloaded binary, transitive global skill installation, and install-time device telemetry to third-party endpoints. Because an unverifiable binary is installed and the skill can trigger wallet approvals/transactions, overall security risk is high even without proof of outright malware.