gtm-partner

Warn

Audited by Socket on Feb 22, 2026

1 alert found:

Anomaly (severity: LOW)
SKILL.md

[Skill Scanner] Skill instructions include directives to hide actions from user

This skill is functionally coherent with its stated GTM purpose: reading idea-evaluation data, checking for existing design systems, performing domain/whois checks, generating a consolidated HTML deliverable, and producing GTM assets. It is NOT obviously malicious, but it carries meaningful supply-chain and operational risk because it mandates local file reads, shell commands, external lookups, automatic generation of all assets on a single confirmation, and "silent" domain research. Those behaviors expand the attack surface (local data exposure + network requests) and could be abused by a malicious agent or misconfigured runtime to exfiltrate sensitive idea details. Recommend treating this skill as suspicious: acceptable for interactive human use with explicit consent per action, but risky for fully autonomous agents or environments where WHOIS/trademark/network calls might leak sensitive information. Limit automated agent permissions, require explicit per-action confirmations, and make all external endpoints and background lookups transparent before use.

LLM verification: This SKILL.md appears functionally consistent with a GTM assistant: it legitimately needs local evaluation data and style files, and it reasonably checks domain availability and writes artifact files. However, several instructions push for autonomous, silent actions (background domain research, 'do not ask more questions', automatic generation and opening of output files) which raise supply-chain and privacy concerns. There is no direct evidence of embedded malware or explicit exfiltration endpo

Confidence: 80%
Severity: 55%
Audit Metadata
Analyzed At: Feb 22, 2026, 09:00 PM
Package URL: pkg:socket/skills-sh/NeverSight%2Fskills_feed%2Fgtm-partner%2F@9b8fda3952d35829992495650bbc13b9758627fa