arch-api

The arch-api skill is coherent with its stated purpose of API architecture design and documentation. It demonstrates normal tooling patterns (OpenAPI generation, REST/gateway design, versioning, HATEOAS, and auth pattern considerations) without showing risky behavior such as downloading unverified binaries, credential harvesting, or external data exfiltration. The credential handling is limited to standard environment variable usage for API keys. Overall, the risk profile is low to moderate and proportionate to its design-focused purpose.