security-reviewer

SUSPICIOUS: The skill is internally coherent and not overtly malicious, but it grants an AI agent meaningful offensive security capability through Bash and pentesting guidance. Install trust is relatively low risk, yet the combination of scanner execution, secrets discovery, and authorized active testing makes the overall security risk high even though malware likelihood is low.