arkts-sta-playground

SUSPICIOUS: The skill’s behavior mostly matches its stated purpose, and installs are benign via PyPI. The main concern is data flow: it uploads user code to an unverified third-party Playground endpoint rather than a clearly official ArkTS service, creating moderate confidentiality and trust risk even without signs of credential theft or malware.