skill-discovery
Audited by Socket on Mar 1, 2026
1 alert found:
Security: The provided SkillForge-style README is not itself malicious code, but it outlines workflows that have moderate supply-chain and execution risks: use of a high-value GITHUB_TOKEN, npm installs (and their lifecycle scripts), cloning and evaluating arbitrary GitHub repos, and automatic modification of the active skillset. Primary concerns are credential leakage, download-and-execute attacks via dependencies or repository-provided scripts, and lack of documented sandboxing/isolation. Treat implementations of this tool as potentially risky until they enforce sandboxed evaluation, least-privilege token usage, dependency integrity verification, pinned/verified dependencies, and conservative human-in-the-loop policies for auto-integration.