share-skill

SUSPICIOUS: the skill’s main behavior broadly matches its stated purpose, but it requests expansive agent permissions, edits Claude Code settings, can exfiltrate content via arbitrary git remotes, and chains into other skills. This is not clearly malicious, but the permission scope and trust model are wider than necessary for a simple skill-sharing utility.