security-audit

SUSPICIOUS: the skill is internally consistent for a security-audit purpose, but it intentionally enables an AI agent to run security assessment workflows against arbitrary projects and repositories. No credential theft or exfiltration is evident in the text, yet the combination of repo scanning and script execution makes it a high-risk security capability for an agent.