generate-list

SUSPICIOUS: the overall workflow matches a lead-list generation skill, and the apparent network path is same-vendor Explorium rather than a rogue proxy. However, the skill forwards a token obtained from one tool into an undocumented local CLI script whose provenance is not verified in the skill, and it stores fetched prospect data in temp files. The risk is moderate from credential forwarding and execution trust, not from obvious malware or exfiltration.