project-onboard

Warn

Audited by Socket on Apr 8, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The core onboarding behavior is coherent and mostly benign, with appropriately scoped repo inspection and local file generation. The main risk comes from optional transitive skill installation through the official `skills` CLI: same-org provenance lowers supply-chain concern, but installing additional third-party skills materially expands trust and permissions, so overall risk is medium rather than low.

Confidence: 87%
Severity: 58%

Audit Metadata

Analyzed At: Apr 8, 2026, 08:38 AM
Package URL: pkg:socket/skills-sh/nixxel-company-limited%2Fnixxel-skills%2Fproject-onboard%2F@b167c567801309699cb74f2c6da058c8892ca436