workflow-greenfield

Suspicious. The skill’s stated purpose matches project initialization, but it delegates execution to an opaque workflow and forces a long autonomous chain that mixes untrusted web research with later file-writing and implementation steps. No direct malware or credential theft is shown, but the transitive trust and prompt-injection exposure make it medium risk.