heimdall

SUSPICIOUS. The skill is coherent with its stated security-audit purpose and uses mostly legitimate local tooling, with no clear exfiltration or malicious install path. However, it grants an AI agent offensive-security assessment behavior, broad repository and git-history access to sensitive data, and persistent report generation, making it a high-risk security skill even if not overtly malicious.