WebAssessment

SUSPICIOUS: The skill is internally aligned to offensive web security work, but that purpose itself grants an AI agent high-risk exploit and scanning capabilities. The biggest concerns are offensive-security enablement, autonomous actions against external targets, indirect prompt injection from untrusted web content, and an unrelated mandatory localhost notification plus unpinned local-script trust.