github-wrapped
Audited by Socket on Feb 16, 2026
1 alert found:
Security [Skill Scanner]: Backtick command substitution detected

No signs of intentional malicious behavior in the provided SKILL.md. The skill's capabilities, required inputs, and outputs are consistent with its stated purpose (collect GitHub API responses, build a deterministic dataset, and embed it in a single-file HTML).

Primary risks are operational: users must protect raw API JSON (may include sensitive/public-private metadata), must trust and inspect local scripts (scripts/collect_raw.sh, build and embed scripts) before running, and must be aware that optional CDN assets may cause viewer-side metadata leaks.

Recommend auditing the actual scripts referenced (collect_raw.sh, build_dataset_template.py, embed_dataset_into_html_template.py) before running to ensure they do not perform network uploads or other unexpected actions.