design-ui

SUSPICIOUS: the stated purpose is coherent for a design-skill router, but the auto-install behavior is disproportionate because it silently extends the agent with a remote third-party skill bundle. The main risk is transitive installation and supply-chain trust, not confirmed malware or exfiltration.