headless-ghidra-baseline

SUSPICIOUS: the skill’s reverse-engineering capabilities are broadly consistent with its stated purpose, but it hinges on an unverified `ghidra-agent-cli` wrapper that mediates all Ghidra/Frida actions. There is no explicit credential harvesting or exfiltration in the supplied text, yet the required opaque CLI and security-tooling nature make the skill high risk overall.