claude

SUSPICIOUS. Most behavior is coherent for a Claude CLI helper, but the silent fetch from a personal raw GitHub file and the recommendation to run `npx skills update claude` introduce an unrelated third-party update path and transitive skill-install trust chain. The main Claude CLI usage is proportionate; the updater workflow is the primary security concern.