implementing-canary-tokens-for-network-intrusion

SUSPICIOUS: The skill is broadly coherent with its stated defensive deception purpose and uses mostly official endpoints, so it does not look malicious. However, it is a high-impact cybersecurity operations skill that can modify real systems, handle API/webhook secrets, ingest external webhook data, and plant decoy credentials across enterprise infrastructure; that makes it operationally risky and outside a low-risk documentation profile.