cometchat-ios-features

SUSPICIOUS. The skill’s stated purpose matches most of its content, and the CometChat SDK/dependency references are broadly consistent with official product features. However, it asks the agent to run an unverified `cometchat` CLI and pass an OpenAI API key into it, which is disproportionate trust for a documentation-style skill and creates a credential-forwarding risk. Main issue is install/provenance uncertainty, not confirmed malicious behavior.