cloud-native-readiness

SUSPICIOUS: the assessment behavior is broadly consistent with the stated purpose, but the skill expands scope by cloning user-supplied repositories and, more importantly, invoking an unspecified downstream `dockerfile-skill`. The main risk is transitive trust and untrusted-content processing, not overt credential theft or malware.