base

Warn

Audited by Socket on Apr 3, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS. Most of the skill is benign development guidance, but the credential-management section is materially misaligned with a universal base skill: it instructs reading a centralized personal secrets file, parsing multiple API keys, validating them, and populating project .env files. The automatic /ralph-loop delegation also expands trust scope. No confirmed malware or attacker-controlled exfiltration endpoint is present, but the skill’s secret-handling footprint is disproportionate to its stated purpose.

Confidence: 88%
Severity: 79%
Audit Metadata

Analyzed At: Apr 3, 2026, 06:32 AM
Package URL: pkg:socket/skills-sh/alinaqi%2Fclaude-bootstrap%2Fbase%2F@2d99b60c38faccabd01ae518aea002275a23ce03