There's a third way: a gateway node that receives the message in one network/protocol and forwards it back in the other network/protocol.
So, in that case the communication might only be encrypted from the user of the e2ee protocol (matrix) to the gateway node, but unencrypted from the gateway to the user of the unencrypted protocol (skype).
It wouldn't be surprising if skype just decides to maintain such a gateway on their end to comply with the DMA, since that's likely to be faster/easier than reimplementing their architecture with such short notice. I think there are already matrix bridges out there that are open source, they could also just officially endorse one and perhaps improve on it.