bilibili-upload

SUSPICIOUS: The skill’s purpose and capabilities mostly align for Bilibili upload automation, and the external `biliup` project appears legitimate. However, the undocumented auto-download/auto-update path for `biliup`, transitive tool trust through `sau`, and likely handling of session cookies create medium security risk. No strong evidence of credential theft or malicious exfiltration is present from the provided content.