add-skill
Warn
Audited by Socket on Apr 25, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: The skill is coherent with its stated purpose, but that purpose is inherently high-risk because it installs other skills from arbitrary GitHub repositories into the agent's trusted workspace. Data flow to GitHub is consistent and there is no clear exfiltration indicator, yet the transitive trust chain and GITHUB_TOKEN use make this a significant supply-chain risk.
Confidence: 87%
Severity: 78%