universal-skills-manager

Fail

Audited by Socket on Feb 27, 2026

1 alert found:

Malware (HIGH)
SKILL.md

Overall, the Universal Skills Manager is a coherent, feature-rich orchestration tool described as managing and packaging AI skills from multiple sources across various tools. However, its footprint includes several high-risk patterns: outbound multi-source network dependencies, optional embedding of API keys into packaged ZIPs, and extensive filesystem/packaging steps that can lead to credential exposure or supply-chain risks if ZIPs are shared or modified. While the intent aligns with centralized skill management, the design includes significant credential handling and multi-environment packaging that warrants caution. Treat as SUSPICIOUS due to credential exposure risk and broad network activity, with elevated securityRisk (0.65). No explicit malware indicators detected in the fragment itself, but data/credential flows and packaging steps create nontrivial risk if misused. Continuous validation, access controls, and careful key-management practices are essential to reduce risk.

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 27, 2026, 05:32 PM
Package URL: pkg:socket/skills-sh/openclaw%2Fskills%2Funiversal-skills-manager%2F@53301d4d71cb48051b8458b2ea5bcec369ec3a7e