aeo-audit

SUSPICIOUS: the skill's purpose is coherent, but its trust model is not. It relies on an `npx`-executed external CLI whose publisher relationship could not be verified, and it appears to forward an OpenAI API key to that tool. The website-scraping behavior matches the stated audit purpose, but the unverified package provenance makes the install and credential flow disproportionate.