clawpilot-pair

Warn

Audited by Socket on May 5, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: the skill’s purpose and capabilities mostly align, but it asks the agent to install and execute globally-scoped npm CLIs from only partially verified publishers, including unpinned `@latest` versions, before producing a live pairing code. No clear credential harvesting or off-platform proxying is shown, so this is not confirmed malware, but the install-and-execute trust model is broader than ideal for a pairing workflow.

Confidence: 77%
Severity: 63%

Audit Metadata

Analyzed At: May 5, 2026, 02:53 PM
Package URL: pkg:socket/skills-sh/Rethinking-studio%2Fclawpilot-skills%2Fclawpilot-pair%2F@b81a7eed604d2ce69876026e5d37cb2935803226