ruanzhu

SUSPICIOUS: the stated purpose is plausible, but the skill’s actual footprint depends on executing an opaque local Python script from a nonstandard path with no provenance, review, pinning, or integrity checks. Data flow appears local rather than overtly exfiltrative, so this is not confirmed malware, but the forced download/execute-style trust model and prohibition on inspection make it high security risk for a skill with a narrow stated purpose.