seo-audit
Audited by Socket on Mar 1, 2026
1 alert found:
Security

This skill is coherent with its stated purpose (running SEO audits) and uses legitimate tools (seomator CLI and Playwright). However, it performs automatic, network-backed install-and-execute steps on skill load (global npm install and optional Playwright binary download) and runs third-party CLIs to process untrusted web content. These patterns are normal for tooling but introduce moderate supply-chain and system-change risks: automatic installs without explicit consent, large binary downloads, and reliance on third-party packages that will execute with user privileges. There is no direct evidence of hidden exfiltration, obfuscation, or credential harvesting in the provided skill text, but the combination of automatic installs + arbitrary web crawling warrants caution.

Recommended mitigations: require explicit user confirmation before any install or binary download, prefer local/virtual environment installs or documentation that asks the user to install prerequisites manually, validate package provenance (pin versions, use checksums), and limit automatic actions to read-only checks until the user consents.