fullstack-feature

SUSPICIOUS: the skill’s feature-building purpose broadly matches its capabilities, and it lacks obvious exfiltration or malicious install behavior. The main risks are disproportionate autonomy (auto-proceed, auto-commit, mandatory runtime obedience) and transitive loading of other unpinned skills, plus trust in unseen local scripts/npm commands.