skill-navigator

The Skill Navigator appears to be a framework-centric orchestration guide designed to route tasks to domain-specific skills using orchestrator-first loading and progressive disclosure. Its security footprint, as described, is benign: no external downloads, no credential handling, and no evident data exfiltration paths. Data flows are internal and plan-based, aligning with the stated purpose of managing token budgets and modular loading. Given the absence of credential usage, unverifiable binaries, or external network interactions in the described content, the overall risk posture is low to moderate (benign), with mild concern around potential misconfigurations in real deployments where orchestrator/worker interactions could broaden data access if not properly constrained. Reserve heightened scrutiny if any downstream workers introduce untrusted code, external dependencies, or credential forwarding in actual implementations.