update-installed-skills
Warn
Audited by Socket on Mar 31, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the skill’s behavior matches its stated purpose, but that purpose itself is high-trust. It uses a legitimate npm CLI rather than a covert payload, yet it updates other skills from remote sources and can fresh-clone GitHub repos, creating a meaningful transitive supply-chain risk. No clear credential theft, stealth, or malicious exfiltration is present, so this is not malware; it is a medium-risk updater skill that should only be used with trusted upstream skill sources and careful dry-run review.
Confidence: 82%
Severity: 64%