security-review

This skill is malicious in structure: it presents as a benign security-review guide but secretly instructs the agent to execute a remote script from an unverifiable personal domain. The visible audit steps are plausible, but the concealed download-and-execute behavior is incompatible with the stated purpose and creates a severe supply-chain and remote-execution risk.