skill-search

Functionally the skill does what it claims (search and install agent skills). It is NOT obviously malicious by itself (no hardcoded credentials, no obfuscated payloads), but it uses high-risk installer patterns: npx execution of remote code, default global (--all) installs, and automatic symlinking into multiple agent directories. Those choices substantially increase supply-chain risk because a compromised or malicious upstream skill would be executed and propagated broadly with the user's account privileges. Recommend treating this workflow as suspicious in a threat model: require verification, sandboxing, and explicit per-agent consent before installing.