lifecyclemodel-hybrid-search

SUSPICIOUS: the skill’s purpose and capabilities mostly align, but it combines remote execution of a mutable npm package with credential forwarding and a user-configurable API endpoint. This looks like a legitimate developer workflow wrapper, not confirmed malware, yet the install and data-flow trust model is only moderately safe.