testing-web-applications

This skill is internally consistent with its stated purpose, but that purpose is to equip an AI agent with offensive web exploitation capability. It meaningfully increases risk through exploit payloads, credential theft patterns, sensitive-file targeting, and active attack tooling, so it should be classified as suspicious/high-risk rather than benign. There is no clear evidence of hidden malware or deceptive exfiltration by the skill author itself.