security-reviewer

The skill's stated purpose as a security reviewer aligns with its described workflow and constraints. There are no explicit dangerous data flows, credential forwarding, or autonomous real-world actions evident in the provided description. Given the absence of concrete install instructions or external network calls, the security footprint appears proportional to its intended use. Nevertheless, the evaluation assumes careful implementation to avoid secret leakage in reports and to strictly enforce authorization scopes for any scanning or testing activities. Overall, the skill appears benign with moderate security risk only if implemented with insecure reporting or uncontrolled tooling access.