burpsuite-project-parser

SUSPICIOUS. The skill is internally coherent for Burp project analysis and does not harvest credentials or route data to third-party endpoints, but it meaningfully expands an AI agent into offensive security analysis and relies on a manually installed third-party Burp extension JAR from a personal GitHub repo. The primary concern is install trust and security-tooling scope, not confirmed malicious behavior.