wiki-init
Warn
Audited by Socket on May 19, 2026
1 alert found:
Anomaly (LOW)
SKILL.md
SUSPICIOUS. The skill’s capabilities mostly match its stated purpose, and the dry-run/explicit-confirmation workflow is a strong benign signal. The main concern is supply-chain trust: on write, it clones and installs QMD from a personal GitHub repo into a managed cache without stating pinning or checksum verification, then wires wrappers/hooks into the project. This is not clearly malicious, but it is broader and riskier than a purely local initializer and deserves medium scrutiny before use.
Confidence: 84%
Severity: 58%
Audit Metadata