ops-revenue

SUSPICIOUS. The core billing and revenue functions mostly match the stated purpose and use official AWS/Shopify endpoints, but the skill’s footprint is elevated by secret resolution through a third-party CLI and, more importantly, execution of an unverifiable local binary (`bin/ops-external`). That unverifiable executable is disproportionate to a simple reporting skill and forces a high security-risk classification, though the evidence does not confirm malware or explicit credential theft.