gemini-use-claude-acp

Purpose and capabilities mostly align: this skill is clearly for delegating work to Claude. The main risk is not hidden malware but broad delegated authority: it auto-approves Claude tool use, enabling filesystem/shell actions in the target project without explicit approval per action. Runtime pnpm dlx execution adds moderate supply-chain risk, but there is no strong evidence of credential harvesting or covert exfiltration beyond the expected model delegation path.