aif-docs

This SKILL is appropriate for its stated documentation tasks but carries moderate supply-chain and data-exfiltration risks because it permits runtime installation/execution (npx), network access (WebFetch/WebSearch), and broad filesystem reads. It includes useful guardrails (user approval, review steps) but should be implemented with concrete technical limits: pin and vet any third-party tooling, explicitly skip/redact sensitive files during scanning, and require explicit consent before sending repository contents over the network. With those mitigations in place, the skill can be used safely for generating and maintaining docs.