skill-advisor
Warn
Audited by Socket on Apr 11, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: The skill’s purpose is coherent, and it uses an official same-ecosystem CLI rather than a random payload. The main risk is transitive installation of third-party skills via `npx skills add`, combined with broad `npx:*` execution permission and an ecosystem that accepts many external repo sources. No direct credential theft or exfiltration is present in the skill itself, but it expands trust to whatever skills get installed next.
Confidence: 90%
Severity: 72%