csv-formula-injection

This skill is coherent with its stated purpose, but that purpose is to teach offensive spreadsheet-exploitation techniques. It does not show malware-like installation, credential harvesting, or hidden exfiltration by the skill itself, yet it materially enables command-execution and outbound-request abuse against target spreadsheet workflows. Final classification: SUSPICIOUS / high-risk offensive security skill, not confirmed malware.