testing-jwt-token-security

SUSPICIOUS. The skill is internally coherent as a JWT penetration-testing guide, but it gives an AI agent high-risk offensive security capabilities, installs third-party tooling with weak pinning, and performs active exploitation against targets. This is not confirmed malware, but it is a high-risk skill that should be tightly controlled and used only with explicit authorization and human oversight.