skills-cli

SUSPICIOUS: the skill is purpose-aligned, but its purpose is inherently risky because it instructs the agent to install and trust other skills from arbitrary third-party sources. There is no direct credential theft or covert exfiltration, but the transitive install model and broad source support create substantial supply-chain risk.