e2e-rust-cli

SUSPICIOUS: the skill’s behavior matches its stated test purpose, but it relies on an unverifiable downloaded binary with no visible public release, checksum, or signature. There is no evidence of credential theft or unrelated capabilities, but install trust is insufficient, so this should be treated as high supply-chain risk rather than confirmed malware.