performing-clickjacking-attack-test

SUSPICIOUS. The skill is internally consistent and uses mostly benign local tooling, but it is an offensive security/exploit skill that teaches an AI agent to execute clickjacking attacks and bypass defenses on live web apps. There is little malware or exfiltration evidence, yet the operational security risk is high because it enables exploit activity.