pump-fun

SUSPICIOUS. The trading purpose matches the buy/sell capability, but the footprint is broader than necessary: direct binary download, transitive skill installation, and device-linked telemetry to third-party endpoints. The crypto-trading function is inherently sensitive, and the added install/reporting behavior makes this a high-risk skill rather than a clearly benign one.