markdown-novel-viewer

SUSPICIOUS. The core behavior is coherent for a markdown viewer, and the direct npm dependencies look normal. Risk comes from inconsistent execution scope (allowed-tools NONE vs required shell/node actions), broad arbitrary path serving, optional LAN exposure, and the recommended ClaudeKit installer path adding extra trust beyond what this skill needs.