csdn-article-publish

SUSPICIOUS. The skill’s core purpose matches article publishing, and data appears intended for CSDN rather than an unrelated server, so this is not confirmed malware. But it relies on manually harvested browser session/signature headers instead of a verifiable official API auth flow, forwards those sensitive credentials through a local script, and enables public posting on the user’s behalf; this makes the skill medium-to-high risk despite reasonable purpose alignment.