ss-cli

SUSPICIOUS. The skill’s capabilities broadly match secret-management work, but its core trust anchor is weak: the referenced `ss-cli` could not be verified as an official Delinea CLI, while official Delinea documentation points to a different client (`tss`). Because this skill handles high-value secrets and tokens, that publisher/provenance mismatch makes the overall risk high even without direct evidence of malicious exfiltration.