metatron-pentest-assistant

SUSPICIOUS/HIGH-RISK skill. Its capabilities are largely consistent with its stated pentesting purpose, but that purpose is itself an offensive-security workflow for an AI agent: installing scanners, executing recon against targets, searching exploit information, and feeding results into an LLM. Supply-chain trust is mixed due to a publisher/repo mismatch, curl|sh install, and a third-party model pull. No clear credential theft or covert exfiltration is shown, so this is not confirmed malware, but it is a high-risk security skill that should not be treated as benign.