uipath-coded-apps

SUSPICIOUS. The skill's capabilities mostly fit its stated UiPath deployment purpose, but the install/provenance story for the core `uip` CLI is internally inconsistent with the provided official evidence. Because the skill forwards auth-bearing environment data and performs real deployment actions through an unverified CLI path, the overall risk is medium-high despite no clear evidence of deliberate malware or third-party exfiltration.