reverse-engineer-rpi

SUSPICIOUS: the skill’s footprint mostly matches its stated reverse-engineering purpose, and install trust is moderate because it relies on standard GitHub/git workflows with optional ref pinning. The main risk is proportionality and execution scope: it lets an agent analyze untrusted repos/binaries and emit many local artifacts, with optional security-audit/fuzzing behavior. No clear credential theft, covert exfiltration, or malicious data routing is evident, but the capability set is inherently high-risk for agent misuse and prompt-injection exposure.