bifrost-platform

SUSPICIOUS. The skill's operational scope matches a deployment assistant, but its install path is inconsistent with Bifrost's official documentation: it directs the agent to install a different npm publisher's CLI and then use that binary for authentication, deployment, and infrastructure actions. That package provenance mismatch is the dominant risk and is sufficient to treat the skill as high-risk even without confirmed malicious payloads.