refactor

SUSPICIOUS: The refactoring workflow itself is coherent and low-risk, but the mandatory use of an unverifiable external telemetry CLI is not proportionate to the stated purpose and creates a significant supply-chain trust gap. No confirmed malware or credential theft is shown, but the required opaque executable makes the skill high risk.