securing-code

SUSPICIOUS. The visible excerpt is not overtly malicious, but it advertises offensive security capabilities that do not clearly belong in a generic secure-coding review skill, and its real behavior cannot be validated because INSTRUCTIONS.md is missing and publisher/install provenance is not verifiable. No confirmed credential theft or exfiltration is shown from the provided evidence alone, but the skill should not be treated as benign until the hidden instructions are reviewed.