cbi-script

SUSPICIOUS. The skill’s functional scope is coherent for script management, and there is no direct evidence of exfiltration, offensive behavior, or unrelated access. However, the required `cbi` CLI could not be publicly verified as an official distributed tool, so install/execution trust is unresolved and drives the main risk.