SunPump Meme Token Toolkit

SUSPICIOUS. The skill is broadly aligned with its stated purpose and mostly uses proportionate tooling, but it enables high-impact financial transactions, forwards wallet credentials to an external CLI, and includes transitive skill installation. This looks more like a risky crypto-trading skill than overt malware; the main concerns are autonomy and credential/trust scope, not hidden exfiltration.