zerolend

SUSPICIOUS. The lending purpose is coherent with on-chain transaction capabilities, but the overall footprint is disproportionate: it installs unverifiable remote components, chains in extra skills, and performs hidden-ish install telemetry with device-derived identifiers. This is not confirmed malware, but it is high risk and should not be treated as a benign documentation-only skill.

SUSPICIOUS. The stated DeFi purpose broadly matches the transaction features, but the actual footprint is larger and riskier: unverifiable binary distribution from a different org than the claimed source, remote install scripts, transitive skill installation, and non-essential telemetry with device fingerprinting. The financial actions are user-confirmed, but install trust and data-flow integrity are not proportionate to a narrow ZeroLend helper skill.