test-ui

SUSPICIOUS: the core QA purpose is legitimate and mostly aligned with the described capabilities, but the skill handles authentication unsafely by asking users to manually extract raw cookies/tokens and pass them to scripts via CLI. It also expands trust by activating other skills and processing untrusted web content with write-capable tooling. No direct exfiltration endpoint or clearly malicious behavior is shown in this excerpt, so this is medium risk rather than confirmed malware.