web-search

SUSPICIOUS: The core purpose is coherent, but the skill materially increases agent risk by combining open-ended web research with Bash/WebFetch access, creating strong indirect prompt-injection exposure. It also forwards optional search activity and API keys through third-party SerpApi and references an unverifiable local `alma` config command, so overall risk is medium even without clear malware behavior.