auto-update-plugins

SUSPICIOUS. The skill's purpose matches plugin syncing, but it achieves this by automatically installing and refreshing other agent plugins from GitHub on every session start. That transitive installation model, combined with unpinned remote sources and reduced user review, makes the footprint higher risk than a normal documentation or utility skill.