curate-skills

The curate-skills skill presents a governance/curation workflow with read/write operations limited to repository artifacts (agent.yaml, README.md, ASQM_AUDIT.md). There is no indication of dangerous data flows, credential handling, or supply-chain actions. The footprint is coherent with its stated purpose of inventory governance and ASQM-based scoring; risk is low to moderate and primarily organizational, not technical security risk.