lazyweb-design-improve

SUSPICIOUS: The skill's purpose is coherent, but its trust model is weak. It relies on external MCP/plugin installation and third-party/local browse binaries with limited public verification, and it mixes untrusted web content with Bash and Write access. No clear credential theft or overt malicious behavior is present, but the supply-chain and indirect prompt-injection risks are significant.