texforge

The skill’s core purpose is coherent for a LaTeX CLI, but its install and execution model is high-risk: remote pipe-to-shell installers plus an undocumented automatic binary download/execution path for Tectonic. No credential harvesting or obvious exfiltration is described, so this is better classified as suspicious/high-risk supply-chain behavior rather than confirmed malware.