competitor-teardown
Audited by Socket on Mar 8, 2026
1 alert found:
Malware
The Competitor Teardown skill presents a coherent capability for automated competitive analysis using an external CLI, which is consistent with its purpose. However, the installation approach (curl|sh from a remote domain) introduces a notable supply-chain risk that makes the overall security posture Suspicious-to-Benign; given the explicit download-and-execute pattern and third-party installer, the risk is elevated and should be treated cautiously. No credential handling is evident, but data flows through external tooling to gather market data, which warrants attention to data governance and potential data leakage through the external CLI. Overall, the skill is moderately risky (securityRisk ~0.55) and should be validated with stricter install provenance and input/output data handling before deployment in sensitive environments.