oneshot-enrichment

SUSPICIOUS: the core capability matches the stated enrichment purpose and the SDK/source relationship appears legitimate, but the skill introduces wallet-backed paid actions, secret forwarding into an SDK, sensitive personal-data processing, and transitive trust on another skill. Data flows appear same-brand rather than overtly exfiltrative, so this is not confirmed malware, but it is higher-risk than a normal read-only lookup skill.