It doesn't make sense to 'build trust' with a bot. Today it works but tomorrow someone may push a malicious 'skill', a dependency may be compromised, or someone eventually figures out the right prompt injection incantation to remotely drain your accounts.