ssh

SUSPICIOUS: The skill’s main SSH capability is purpose-aligned, and its only dependency appears to be a legitimate open-source npm package. However, it enables powerful remote command execution, stores or consumes sensitive SSH credentials from local files, uses an unpinned dependency, and adds an unnecessary chain of other skills/subagents that expands trust. No clear exfiltration or malicious routing is shown, but the footprint is higher-risk than a narrowly scoped SSH helper.