permission-boundary-test

SUSPICIOUS. The skill is internally coherent as a security testing guide and has no installer, third-party credential routing, or exfiltration behavior. However, it explicitly equips an AI agent to perform systematic authorization and IDOR probing, which is high-risk offensive security capability even when framed as testing.