finalrun-generate-test

Warn

Audited by Socket on Apr 16, 2026

1 alert found:

Security: MEDIUM
SKILL.md

The skill is purpose-aligned for generating FinalRun test artifacts, and its file access is mostly proportionate. However, it requires and executes an unverified `finalrun` CLI and explicitly relies on that binary to resolve secret-bearing environment bindings, creating a significant supply-chain and credential-forwarding risk despite no direct exfiltration endpoint in the skill itself. Overall classification: SUSPICIOUS.

Confidence: 79%
Severity: 82%

Audit Metadata
Analyzed At: Apr 16, 2026, 10:18 AM
Package URL: pkg:socket/skills-sh/final-run%2Ffinalrun-agent%2Ffinalrun-generate-test%2F@46a0fa5fd0fb665e94d237f0e1c1f78d9acd1fc2