pentest

SUSPICIOUS. The skill's offensive-security purpose matches its capabilities, but it gives an AI agent live pentesting functionality, relies on an external scanner with an install path that is not cleanly verified, and forwards credentials/data through a third-party CLI that can use arbitrary LLM endpoints. This is coherent for a pentest skill, but still high security risk and not benign.