awiki-people

SUSPICIOUS: The skill is mostly a placeholder contract with no direct exfiltration or credential handling, and its planned people features fit the stated purpose. The main risk is execution trust: it grants Bash access to awiki-cli while the binary's provenance is not verifiable from the provided evidence, plus it relies on another local skill for behavior. Because the commands are not implemented and no credentials or external endpoints are shown, this is not malicious, but it remains medium/high security risk due to the unverifiable CLI trust boundary.