idor-testing

SUSPICIOUS. The skill is internally consistent, but its stated purpose is to give an AI agent offensive web exploitation capability for IDOR discovery and abuse. There is little supply-chain risk from the documented dependencies, yet the operational risk is high because the skill directly enables autonomous security testing and unauthorized data access attempts against web applications.