@1365/across-bridge

SUSPICIOUS: The core bridge functionality and official Across API usage are purpose-aligned, and the only package install is a normal PyPI dependency. However, the skill expands trust by requiring another skill and recommends an overly broad wildcard wallet policy, while enabling high-impact financial transactions across chains. This looks more like a risky but plausibly legitimate DeFi skill than confirmed malware.