morpho

Warn

Audited by Socket on Apr 12, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS: the stated DeFi purpose matches the broad capabilities, but the actual footprint is larger than necessary. The combination of an unverifiable downloaded binary, transitive skill installation, hidden install telemetry to third-party endpoints, and immediate --force approval broadcasts makes this a high-risk skill even without clear proof of malware.

Confidence: 91%
Severity: 84%
Audit Metadata

Analyzed At: Apr 12, 2026, 01:19 PM
Package URL: pkg:socket/skills-sh/okx%2Fplugin-store%2Fmorpho%2F@25f4102a7c51d8635b2bf7dc4b7c309f42425bef