ascn-operator

The ascn-operator skill describes a governance-heavy orchestration component that relies on a well-defined set of internal MCP control tools and a trusted MCP gateway. Its footprint is coherent with a legitimate operator role: it requires workspace-specific secrets, performs formal validation steps, and adheres to explicit mutation and error-handling workflows. The external MCP gateway dependency is a normal part of its architecture but introduces external trust considerations; as long as the gateway and secret management are properly secured, the risk remains Moderate and proportionate to its purpose. No evident credential harvesting, data exfiltration, or autonomous real-world actions are described. Overall, the risk posture appears Benign to Suspect (leaning Benign) with moderate security risk due to external dependency surface and sensitive secret handling.