product-changelog
Warn
Audited by Socket on Mar 17, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: the core changelog-writing purpose is plausible, but the skill’s operational footprint is broader than necessary because it requires an external CLI, delegates installation to another skill, grants wildcarded `infsh` shell use, and can fetch arbitrary external pages via a browser app. No confirmed exfiltration or malware is shown, but the trust chain and remote execution model are disproportionate for a documentation-focused skill.
Confidence: 84%
Severity: 72%