appdeploy

The AppDeploy skill appears coherent and consistent with its stated purpose of deploying web applications via an AppDeploy JSON-RPC API. The primary security considerations are operational: storing a long-lived API key in a local plaintext file (.appdeploy) and transmitting user files to an external service. There are no supply-chain download-and-execute patterns, no evidence of credential exfiltration to unexpected third parties, and no obfuscated or hidden behavior. Overall this skill is low risk from the provided content, though users should treat the api_key as sensitive and ensure .appdeploy is excluded from source control and protected.