security-review

SUSPICIOUS: the install and data-flow story is mostly clean, but this skill grants an AI agent explicit penetration-testing capability against live applications. Its offensive testing scope, autonomous multi-step probes, and exposure to untrusted web content make it high-risk even though the stated purpose matches the behavior.