destructive-command-guard

SUSPICIOUS: the stated purpose is coherent and defensive, but the install trust is weak. A safety hook that blocks destructive commands fits the claimed purpose, yet the skill asks users to install an unpublished binary from a different GitHub owner via unpinned curl|bash or cargo --git. There is no clear exfiltration or credential theft behavior, so this is not malware, but it carries high supply-chain risk for a local execution hook.