model-verify
Warn
Audited by Socket on Mar 25, 2026
1 alert found:
Security: MEDIUM
SKILL.md
SUSPICIOUS: the skill is purpose-aligned for model verification, but it materially increases risk by downloading user-selected model repositories and executing their remote code inside the container with broad Bash capability. No clear credential harvesting or covert exfiltration is present, so this is not confirmed malware, but it is a meaningful supply-chain and execution-risk skill.
Confidence: 87%
Severity: 74%