template-renderer

The skill's documented capabilities, required inputs, and data flows are coherent and proportionate to the stated purpose of secure template rendering within a project. It implements reasonable security controls (path validation, token whitelisting, sanitization, schema validation for specs) and confines file IO to PROJECT_ROOT. No external dependencies or credential exposures are evident. Overall assessment: Benign with moderate security risk due to potential token misconfiguration or edge-case sanitization gaps; no active malware indicators detected.