related-skill

SUSPICIOUS: the skill's stated purpose matches its behavior, but that behavior is inherently high-trust because it installs other skills. The main risk is transitive trust expansion through unpinned `npx skills` execution and downstream skill installation, not direct credential theft or exfiltration in this skill itself.