sg-visual-discover

SUSPICIOUS: The core route-discovery and manifest-generation behavior fits the stated purpose, but the skill is overbroad in credential discovery and asks the agent to copy possible dev credentials from project docs/examples into config. Combined with an undocumented external CLI dependency and live-page inspection plus file writes, this is riskier than a normal documentation/generator skill, though there is no clear exfiltration or confirmed malware behavior.