listenhub

SUSPICIOUS: the deprecation stub is not directly malicious, but its core function is to push installation of another skill bundle through a transitive trust chain. The installer appears ecosystem-official, which lowers malware confidence, yet the unpinned repo-based skill installation makes this a medium security risk.