skiplagged

No direct malicious code is visible in this fragment because it only defines metadata and an install command. The primary risk is supply-chain integrity: the installer downloads SKILL.md from a mutable upstream URL (main branch) and writes it locally without any integrity verification, making tampering/content drift a concern. Review and pin the upstream revision and verify integrity (checksum/signature) before trusting or loading the downloaded SKILL.md.

SUSPICIOUS. The skill’s travel-search purpose is plausible, but its footprint is inflated by Canifi-managed curl|bash installers and optional credential capture for a service that reportedly works in guest mode. I see no confirmed malicious exfiltration, yet install trust and credential-forwarding risks are material and not well bounded to the stated purpose.