da-auth

SUSPICIOUS: The skill’s purpose and Adobe-only data flow are coherent, but it relies on executing a GitHub-sourced helper that handles OAuth tokens without strong release-verification signals. This looks more like a risky same-org auth helper than malware; medium risk comes from supply-chain trust and token-handling exposure, not clear exfiltration.