ui-extractor
Audited by Socket on Feb 20, 2026
1 alert found:
Malware [Skill Scanner]: Installation of third-party script detected

The manifest is coherent and aligned with its stated purpose of UI extraction and design-system generation. It uses conventional tooling and supports practical export formats for design tooling. Privacy considerations for authenticated content should be explicitly documented (consent, data retention, scope). No obvious malicious activity detected; ensure clear data-handling policies for authenticated sessions.

LLM verification: Functionally, the skill aligns with its stated purpose: it records or ingests UI sources, extracts frames, identifies components/design tokens, and can export results (including to Figma). There is no explicit malicious code in the provided document. Primary risks are operational: (1) recording authenticated browser tabs can capture sensitive data; (2) unreviewed shell scripts (./scripts/*.sh) and unspecified MCP clients/endpoints could execute arbitrary commands or exfiltrate data; (3) use of F