vulnerability-validation

SUSPICIOUS: the skill is internally coherent and has no notable supply-chain or exfiltration behavior, but it equips an AI agent to perform exploitability analysis and generate PoC exploits. That offensive-security capability is higher risk than ordinary developer-assistance skills, even when intended for defensive validation.