awesome-codex-skills-curator

SUSPICIOUS: the stated purpose matches the behavior, but the skill is fundamentally a transitive installer for remote AI-agent skills, including arbitrary third-party GitHub repos and mutable branches. That makes the install path and downstream instruction trust disproportionate even without direct credential theft in this skill.