productclank-campaigns

SUSPICIOUS. The skill is internally coherent as a ProductClank campaign integration and primarily talks to the publisher's official API, so it does not look like credential theft or outright malware. However, it enables autonomous public-influence actions at scale, includes competitor-intercept workflows, processes untrusted external/social content, and references a CLI under a different GitHub org, which raises meaningful operational and trust risk.