sap-sac-scripting

SUSPICIOUS. The core SAC scripting guidance is coherent and mostly benign, but the skill also promotes installation of a community MCP server from an unrelated GitHub org and instructs users to provide SAC OAuth credentials to it. That scope expansion and credential forwarding make the skill higher risk than a normal documentation/reference skill, though there is no clear evidence of deliberate exfiltration or confirmed malware.