php-csrf-audit

SUSPICIOUS: the skill’s purpose and capabilities are internally consistent, but that purpose is to equip an AI agent with offensive vulnerability-audit behavior, including bypass analysis and exploit PoCs for real PHP routes. There is no direct credential harvesting, exfiltration, or malicious installer shown, so this is not confirmed malware; the main risk is enabling security/exploit activity.