design-systems

SUSPICIOUS: the skill's purpose mostly matches its capabilities, but trust is uneven. Southleft appears plausibly legitimate despite mismatched install guidance, while the CSS MCP is not verifiably tied to an official source from the provided evidence. The skill also forwards prompts and an API key to third-party services for component generation, which is proportionate but not fully documented. Overall this is a medium-risk skill driven by external-tool trust and incomplete data-flow clarity, not clear malware.