blog-writer

SUSPICIOUS. The skill’s main blog-writing behavior is proportionate and coherent, but it delegates cover generation to an unverifiable local script and likely forwards `GEMINI_API_KEY` to it. That black-box dependency is the main risk; without it, the skill would be largely benign.