html-injection-testing

SUSPICIOUS/HIGH-RISK. The skill’s footprint is coherent with its stated purpose, but that purpose is to help an AI agent perform offensive HTML-injection exploitation, including credential-harvesting phishing forms and defacement. Official tooling lowers supply-chain concern, yet the exploit and exfiltration guidance makes this a high-risk offensive security skill rather than a benign testing reference.