dexter

SUSPICIOUS rather than malicious. The skill’s capabilities mostly match its financial-research purpose, and the requested credentials are proportionate, but trust is reduced by installing and executing a mutable personal GitHub repo with dependency resolution and then handing it API keys. Main concerns are supply-chain trust and prompt-injection exposure from web search, not confirmed credential theft or overt exfiltration.