nestjs-health-audit

SUSPICIOUS: the stated purpose is a NestJS audit, but the skill goes beyond passive analysis by requiring hidden installer instructions and broad install/build/test execution over untrusted project code. The visible data flows are mostly coherent for an audit, yet the undisclosed tool-installer content, broad tool permissions, and command execution on arbitrary repositories raise medium-high security risk rather than clear malicious intent.