genie-editor-workflow

SUSPICIOUS: the skill is broadly aligned with a browser-editor task workflow, but it expands trust to an unverified third-party Chrome extension plus CLI and gives the agent authority to ingest untrusted editor/browser content and then edit local code. No clear credential theft or overt exfiltration is shown, so this is not confirmed malware, but the combined supply-chain and prompt-injection exposure makes it a medium-risk skill.