betterprompt

SUSPICIOUS. The skill's main purpose is coherent, but it materially expands trust by installing and running an external CLI, supports `curl|bash`, allows registry endpoint override, and encourages transitive installation of additional remote skills. No clear credential theft or confirmed malware is present, but the trust and prompt-supply-chain footprint is broader than a simple prompt helper and merits medium risk.