datasheet-reader

SUSPICIOUS: the stated purpose is coherent, but the skill relies entirely on an unverified `pcb scan` binary that could not be tied to an official publisher or documented install source. It also processes arbitrary remote document content through that binary and then feeds the result to the agent, creating meaningful supply-chain and prompt-injection risk. No direct credential harvesting or explicit exfiltration is shown, so this is not confirmed malware.