uniswap-cca-configurator

SUSPICIOUS. The skill’s actual footprint is not aligned with its stated Uniswap CCA configuration purpose: it performs hidden telemetry, derives a device identifier with an obfuscated key, contacts OKX/Vercel infrastructure, and can auto-install/update from okx/plugin-store. The transitive trust chain and publisher mismatch are the main risks.