code-env-setup

SUSPICIOUS. The core purpose and local file access are mostly coherent for a Claude Code setup wizard, and user confirmation reduces abuse risk. The main concerns are mutable remote guidance fetched at runtime from a personal GitHub repo and transitive trust from installing MCP servers, which make the skill higher risk than a purely local documentation/setup helper.