amd

SUSPICIOUS: The stated purpose is a benign AMD persona skill, and its capabilities are mostly just prompt instructions with no credential access or direct exfiltration. However, the installation method is not proportionate to a simple persona skill: it appends a mutable raw GitHub URL from an unverified personal repo into Claude's persistent instruction file, creating a transitive trust and prompt-supply-chain risk. No evidence of credential theft or malware payloads was provided, so this is not malicious, but it is riskier than a normal static documentation skill.

SUSPICIOUS: the skill’s stated purpose is benign and mostly documentation-only, but its install flow is not proportionate or well-aligned with normal skill distribution. The main risk is a persistent remote-instruction trust chain from an unverifiable third-party repo owner rather than malware or credential theft.