recon-subdomain

SUSPICIOUS from an AI-agent safety perspective: the skill is internally coherent for security reconnaissance, but it grants offensive security capabilities against external targets and includes active enumeration workflows. Install trust is mixed—official same-repo Go installs for core tools are reasonable, while optional personal-repo tools and unpinned @latest/source installs raise supply-chain risk. No clear credential theft or covert exfiltration is present, so this is high-risk offensive tooling rather than confirmed malware.