workflow-builder

SUSPICIOUS. The skill is coherent with its stated purpose as a workflow-builder guide, but that purpose itself enables broad autonomous action and includes transitive installation of third-party workflows. There is no clear credential theft or malicious exfiltration in this file, yet the combination of autonomous scheduling, silent runs, and skill-to-skill installation makes it a medium-high security risk.