db-migrate

The skill's footprint aligns with its stated purpose: it is a migration management tool that identifies the provider, executes EF Core or MongoDB migrations, and emphasizes safety checks. There are no active data exfiltration paths, credential handling, or external downloads. The only modest risk comes from potential shell interpolation if implemented insecurely, but the described workflow itself is conservative and planner-focused. Overall, the skill is BENIGN with low security risk based on the provided description; it remains prudent to ensure migration name handling is sanitized and that all shell invocations respect proper escaping.