killerpdf-portable-editor

SUSPICIOUS: the skill’s functionality is coherent for a local PDF editor and there is no credential harvesting or exfiltration flow, but it instructs the agent/user to download and execute a prebuilt EXE from an external GitHub publisher that does not match the skill publisher, with no pinning or integrity verification. Building from source looks proportionate and lowers concern; the main risk is install trust, not malicious behavior.