prompt-authoring

SUSPICIOUS. The stated purpose is benign and the runtime behavior described in the skill is narrowly scoped to prompt authoring, but the skill asks the agent to perform a transitive remote installation from an unpinned personal GitHub repo. That makes install trust the main issue; there is no clear evidence of credential theft or malicious data routing in the skill content shown.