agent-production-validator
Audited by Socket on Mar 1, 2026
1 alert found:
Security

This skill is a production validator whose declared purpose (verify no mocks, run end-to-end tests and performance/load tests against real services) matches the capabilities shown. The primary risk is operational: it requires many sensitive environment variables and will perform real-world side effects (DB writes/deletes, emails, payment intents, high-volume HTTP requests). If executed with production credentials or run against production endpoints, it could cause data loss, unintended emails, financial operations, or service load. I did not find evidence of deliberate malware (no obfuscated payloads, no external attacker-controlled exfiltration endpoints, no download-and-execute chains). Treat this skill as high-risk to run in untrusted environments — only execute in isolated test environments with scoped test credentials and safeguards (explicit sandbox flags, dry-run modes, and confirmations).