security-review

SUSPICIOUS: The skill’s stated purpose matches its capabilities and it has no credential harvesting or external install path, so it is not malicious on its face. However, it is a high-impact security-review skill that processes untrusted code across the whole repository while retaining Bash access, creating meaningful indirect prompt-injection and agent-misuse risk.