vigolium-scanner

Warn

Audited by Socket on Mar 13, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS: the skill is internally coherent as a vulnerability-scanner operator guide, but it enables high-risk offensive actions, autonomous agent-driven scanning, execution of custom JS extensions, and processing of untrusted external content. The largest concern is that the core Vigolium CLI and its agent backend data flows are not independently verifiable from the provided evidence, leaving substantial install-trust and data-routing uncertainty.

Confidence: 88%
Severity: 89%

Audit Metadata
Analyzed At: Mar 13, 2026, 09:45 AM
Package URL: pkg:socket/skills-sh/vigolium%2Fskills%2Fvigolium-scanner%2F@f39c33433ab79e424a4fac59b0e6dd7d76392b78