macos-resource-optimizer

[Skill Scanner] Instruction directing agent to run/execute external content This skill's documented capabilities are broadly consistent with its stated purpose (macOS resource optimization). The primary risks come from local destructive actions (killing processes, deleting Time Machine snapshots, purging swap, stopping Docker containers) and the absence of visible safeguards in the manifest (confirmation prompts, explicit least-privilege behavior, or sanitization of output). No direct evidence of remote exfiltration, obfuscation, or intentionally malicious code is present in this manifest alone — however, because the coordinator delegates execution to local scripts whose contents are not provided, there is residual supply-chain risk: those scripts could perform harmful operations or leak data if they contain malicious code. Recommendation: treat this as potentially dangerous until the actual coordinator.py and agent scripts are reviewed; verify safeguards (dry-run/default safe modes), require explicit user consent for destructive actions, audit for any network calls or reading of sensitive files, and run in a controlled test environment first. LLM verification: The coordinator/skill orchestrates many powerful local operations appropriate for a system optimizer but with a broad destructive surface (killing processes, removing snapshots/files, pruning containers). The manifest lacks provenance, integrity verification, and explicit safety/consent mechanisms. While the provided content shows no direct malware artifacts, the execution model (shelling out to many local scripts without safeguards) creates a significant supply-chain and operational risk: a com