aeon-vuln-scanner

SUSPICIOUS: the skill's purpose is coherent, but it gives an AI agent offensive security tooling plus autonomous third-party actions using a write-scoped GitHub token. Data flows are mostly legitimate and aligned to GitHub, so this is not confirmed malware, but it is a high-risk security skill that should require strict human approval.