skill-system-cli

The skill appears intended as a local orchestration CLI, but its footprint is unusually broad: it can scan and run arbitrary project scripts, write config, touch DB-backed subsystems, and install other skills. There is no clear evidence of malware or exfiltration, yet the transitive skill-install feature and broad exec surface make it suspicious rather than benign.