skill-tester

SUSPICIOUS: the skill’s core purpose is legitimate, and its controls are unusually explicit, but it collects and analyzes sensitive local Claude session data from ~/.claude/projects and combines untrusted content analysis with execution and report-writing capabilities. There is no strong evidence of malware or external credential harvesting, yet the scope and data visibility are broader than minimally necessary, so the overall classification is suspicious rather than benign.

The module itself is a benign script-runner utility and does not contain direct malicious logic. However, it intentionally executes arbitrary scripts and can inject a Python startup shim into child interpreters; both behaviors make it potentially dangerous when used on untrusted code. The primary supply-chain/sabotage risk is that this tool will execute whatever scripts are present under the provided path (which could be malicious) and will log captured outputs and file creation metadata. Use only on trusted code or in a secure sandbox. If capture_api is enabled, review any api_logger shim implementation because it will run inside child Python processes.