ravi-passwords

High-risk but not confirmed malicious. The skill’s purpose and capabilities mostly align with a password manager, yet it routes plaintext website credentials through an external Ravi CLI and remote service, and the CLI’s release provenance is not sufficiently verifiable from the provided evidence. Because an unverifiable external CLI receives passwords, this warrants a high security-risk classification.