skill-scout

This skill is a powerful orchestration tool that intentionally fetches, evaluates, and installs third-party code from public sources. Its documented capabilities create several high-impact supply-chain risks: download-and-execute of arbitrary repository code (npm install), transitive dependency installation, and autonomous install/update workflows. The skill's value (auto-discovery and management) explains many of these capabilities, but they are inherently high-risk and require strict safeguards (principle of least privilege, pinned installs, audit of install scripts, sandboxing with enforced limits, manual approval gates, and careful handling of credentials). There is no clear evidence in the provided text of active malicious code or exfiltration endpoints, so this appears to be a high-risk but legitimate tool rather than confirmed malware. Operators should treat it as vulnerable: require manual review of all install actions, run installs in a hardened sandbox, avoid forwarding credentials to untrusted install processes, and pin/verify third-party artifacts before enabling auto-install or auto-update.