jupyter-live-kernel

SUSPICIOUS. The skill’s purpose largely matches its capabilities, but its footprint includes two notable risks: executing helper code cloned from a personal GitHub repository and instructing the agent to run Jupyter with authentication disabled. Data flow is local and there is no clear credential harvesting or exfiltration, so this is not confirmed malware, but the install trust and disabled security controls make it higher risk than a normal documentation-style Jupyter skill.