uniswap-v4-security-foundations

SUSPICIOUS. The visible footprint is not well aligned with a passive Uniswap security guide: most of the behavior is remote update and transitive skill/plugin installation. The strongest concern is the trust mismatch between Uniswap Labs branding and the auto-update path through okx/plugin-store, which raises supply-chain and transitive-trust risk even though there is no clear credential theft or confirmed malware.