katana-web-crawling

SUSPICIOUS. The skill is internally consistent and uses official same-org install sources, so it does not look malicious or like credential harvesting. However, it equips an AI agent with web reconnaissance/crawling capability against external systems, which is an offensive-security function and therefore carries elevated security risk despite the explicit authorization warnings.