http2-specific-attacks

SUSPICIOUS: the skill’s purpose and capabilities are internally consistent, but that purpose is to equip an AI agent with offensive HTTP/2 exploitation techniques. Install sources are mostly legitimate and same-project, so the main risk is not credential theft or covert exfiltration; it is the explicit enablement of high-risk attack behavior against remote systems.