clickjacking

SUSPICIOUS. The skill is internally coherent as a clickjacking attack playbook, but its actual purpose is to enable offensive security testing and exploit development by an AI agent. There are no supply-chain, credential, or exfiltration concerns in the provided text, so malware likelihood is low, but the offensive capability makes the skill high risk.