codeql
Warn
Audited by Socket on Apr 2, 2026
1 alert found:
Anomaly (LOW)
SKILL.md
SUSPICIOUS. The skill is internally consistent with its stated purpose as a CodeQL analysis guide and shows no credential harvesting, covert behavior, or malicious data routing. Risk comes mainly from granting an AI agent offensive-capable security scanning behavior plus broad local bash/read/write access; supply-chain and exfiltration concerns are otherwise low because the skill itself does not install tools or forward secrets.
Confidence: 91%
Severity: 58%
Audit Metadata