competitor-teardown

The skill’s footprint is broadly coherent with its stated purpose of performing competitive analysis using the inference.sh tooling. It relies on standard, publicly observable data sources and commonly used CLI-based workflows. There are moderate security considerations related to transitive installation of third-party skills and the potential for broad tool usage without per-action consent, but no evident credential harvesting or covert data exfiltration patterns. Overall, the risk is SUSPICIOUS to MEDIUM due to supply-chain/permission surface areas (transitive installs) rather than due to explicit malicious intent. Recommend validating and constraining transitive skill installs and ensuring per-action user approvals for tool additions.