friction-log

SUSPICIOUS: the skill’s purpose largely matches its behavior, but it exports conversation-derived data to a third-party hosted endpoint and can do so automatically at session end with limited transparency. The publisher/repo/endpoint relationship appears coherent, so this is not confirmed malware, but the external reporting flow, silent failure behavior, and transitive skill install model make it medium risk.