synthesis-mac-sync

SUSPICIOUS. The skill's core sync behavior is broadly aligned with its stated purpose, but its footprint is powerful: it accesses sensitive local files, performs automatic networked Git actions, and can execute arbitrary one-time shell commands from a config file stored in iCloud. There is no obvious malicious exfiltration endpoint or untrusted installer, so this is not confirmed malware, but the automation scope and command execution model make it a high-impact skill that should be treated cautiously.