skill-distiller

SUSPICIOUS: the stated purpose is coherent, but the footprint is broader than a simple analyzer because it installs third-party skills and processes untrusted instruction content with write/exec capability. The official `skills.sh` installer reduces malware concern, yet transitive skill installation and indirect prompt-injection exposure make this a medium-high security risk.