tkm

SUSPICIOUS: The main local analytics behavior is coherent, but the skill mixes in third-party CLI installation and an optional remote push to Draxarp that contradicts the 'entirely local data' framing. This is not confirmed malware, but the install path and outbound analytics sync make the footprint broader than necessary for a simple token tracker.