kehwar-skills

SUSPICIOUS: The documented purpose is coherent, and the primary CLI appears to be the official Vercel Labs skills tool, so this is not outright malicious. However, the skill’s core function is to install and manage other skills from arbitrary repositories, creating a transitive trust risk that is disproportionate to a simple repo-management guide and raises medium security concern.