mcp-provider

Warn

Audited by Socket on Apr 17, 2026

1 alert found:

Security: MEDIUM
SKILL.md

SUSPICIOUS: the stated purpose matches MCP integration, but the trust model is weak. The skill expands other skills with third-party MCP tools from a broad catalog without clear provenance controls, version pinning, or signature/checksum verification, and it combines external content processing with write/exec-capable tooling.

Confidence: 84%
Severity: 74%
Audit Metadata
Analyzed At: Apr 17, 2026, 03:05 PM
Package URL: pkg:socket/skills-sh/bacoco%2FEvolveSkill%2Fmcp-provider%2F@f45980091243d94525c14a5d517cbaaa789abf84