ESLint Custom Rule Generator

SUSPICIOUS: the skill’s stated purpose is benign, but its actual installation model relies on transitive trust through a third-party skill catalog that is not the claimed ESLint publisher. No clear credential theft or exfiltration is present, so this is not malware, but the provenance mismatch and skill-to-skill installation pattern make it a medium-to-high supply-chain risk.