screenshot-claude

SUSPICIOUS: the skill’s purpose is coherent, but it relies on executing a mutable npm package at runtime via bunx and grants broader-than-necessary bunx Bash access. Data flow is broadly consistent with screenshot automation, yet the unpinned remote package execution and unusual 1-hour directive make it medium risk rather than benign.