conducting-cloud-infrastructure-penetration-test

SUSPICIOUS. The skill’s behavior matches its stated pentest purpose, but that purpose is itself high risk: it gives an AI agent offensive cloud-security capabilities, direct credential handling, metadata-token extraction, and exploit/backdoor workflows. Install provenance is mostly legitimate, yet the overall skill should be treated as high risk due to offensive use, credential forwarding, and real-world cloud actions.