getnote-auth

The skill’s stated purpose is coherent with its actions: it manages authentication for a CLI and uses typical sources like API keys, env vars, OAuth, and a local config file. The main issue is trust, not purpose mismatch: it requires an external getnote CLI that could not be independently verified from official distribution or release evidence, yet it is entrusted with live credentials. That makes this skill suspicious/high-risk rather than confirmed malicious.