gemini

SUSPICIOUS. The stated purpose is plausible, but the actual install and auth instructions are internally inconsistent with Google's official Gemini CLI documentation. The wrong package name plus API-key setup create a meaningful risk of installing or authenticating an unintended package, and MCP/transitive installs further expand trust beyond the skill's narrow purpose.