assimilate

SUSPICIOUS. The skill’s purpose is coherent and its strongest safeguard is the explicit ban on executing external project scripts, but it still combines arbitrary external content ingestion with Bash/Write/Skill capabilities and unpinned git clones. This is not confirmed malware or credential harvesting, yet it poses medium-to-high operational risk from supply-chain exposure and indirect prompt injection.