k-skill-setup

SUSPICIOUS: mostly coherent setup guidance for secret management, with legitimate tool choices and no clear credential-harvesting endpoint. The main risks are transitive skill installation via the skills CLI, optional persistence, and decrypted secret injection into arbitrary commands; these are proportionate to setup but still medium-risk for an AI agent skill.