create-document

SUSPICIOUS. The core behavior matches a document-generation skill, and the main CLI dependency (Typst) is consistent with that purpose. Risk comes from autonomous processing of untrusted local content with write/exec capability, broad tool access, and reliance on unverifiable private/local package context and opaque MCP wrappers. No clear evidence of credential theft, covert behavior, or malicious exfiltration is present, but the skill’s automation footprint is larger than a low-risk documentation helper.