vulnerability-scanning

SUSPICIOUS: the skill is internally coherent as a vulnerability-scanning guide, but it grants an AI agent high-risk offensive security capability and includes a TLS-verification bypass in authenticated API code. Install sources appear mostly official and there is no clear credential exfiltration or malware behavior, so this is high-risk security tooling rather than confirmed malicious content.