refactor
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner]: Instruction directing agent to run/execute external content
BENIGN: The fragment describes an internal orchestration mechanism that triggers a local Python workflow for code quality/refactor analysis. It does not solicit credentials, access external networks, or modify sensitive system components beyond the project workspace. The structure is coherent with its stated purpose, though the nonstandard <invoke> syntax should be validated by the host to prevent misinterpretation or injection in parsing.
LLM verification: The SKILL.md is a thin wrapper that commands immediate execution of an unreviewed local Python module and prohibits pre-execution exploration. While the file does not itself contain malicious code, this execution pattern enables arbitrary code execution with the agent's privileges and therefore represents a tangible supply-chain and data-exfiltration risk. Before allowing automated invocation, obtain and review the referenced script(s), verify integrity and provenance, and execute them under san