anthropic-cybersecurity-skills

SUSPICIOUS. The skill’s broad cybersecurity purpose matches many of its capabilities, but it asks users to install a large third-party skill corpus from a personal GitHub repo through a transitive skills mechanism, includes executable helper scripts, and may consume multiple sensitive security-service credentials. No direct exfiltration or overtly malicious payload is visible in the provided top-level skill, but the trust chain and operational scope are too broad to classify as benign.