solo-setup

Warn

Audited by Socket on Feb 27, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This SKILL.md is internally consistent: it reads project metadata and manifests to generate docs/workflow.md and to update CLAUDE.md. There are no explicit malicious behaviors, no external download/execute chains, and no credential requests. The primary security considerations are (1) the allowed-tools list includes Bash, which increases the ability to execute arbitrary shell commands if the agent is permitted to use that tool; and (2) MCP integrations may call out to external services depending on their implementation, so their endpoints and data handling should be trusted/inspected. Overall the manifest appears benign for its stated purpose but requires safe implementation (limit Bash use to minimal commands, avoid reading unrelated sensitive files, and ensure MCP tools are trusted).

Confidence: 75%

Severity: 75%

Audit Metadata

Analyzed At: Feb 27, 2026, 08:23 PM

Package URL: pkg:socket/skills-sh/fortunto2%2Fsolo-factory%2Fsolo-setup%2F@ff8e065afdd84c9807dd755510cbc777ceeec523