ln-700-project-bootstrap

SUSPICIOUS: The skill's broad project-modification behavior is largely coherent with its stated bootstrap purpose, and the GitHub raw fallback appears same-org rather than an obvious exfiltration path. The main security concern is transitive trust: this orchestrator instructs the agent to invoke multiple other skills with substantial write/exec authority, plus remote reference fetching can feed untrusted instructions into that workflow.