lovable

Warn

Audited by Socket on Feb 15, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This SKILL.md is principally documentation and prompt guidance for Lovable.dev + Supabase projects. I find no direct malicious code or obfuscation in the file. The primary risk is operational: enabling 'yolo' browser automation allows an agent/extension to perform high-privilege operations (deployments, apply migrations) on behalf of the user — if the automation component or the agent is compromised, that capability could be abused. Recommend auditing the /skills/yolo implementation and any Chrome extension, enforcing least privilege, requiring explicit operator confirmation before destructive actions, and clarifying how sessions/credentials are protected. Otherwise, the skill itself is coherent with its purpose and not malicious.

Confidence: 80%
Severity: 20%

Audit Metadata
Analyzed At: Feb 15, 2026, 09:07 PM
Package URL: pkg:socket/skills-sh/10k-digital%2Flovable-claude-code%2Flovable%2F@1ca9a8b8a7bccf47d10373ceec014a0a53bbfd7c