explain-code

SUSPICIOUS: the stated purpose is mostly aligned with code explanation, but the skill broadens scope by requiring a second skill, executing `npx` tooling, and ingesting arbitrary web content with local write capability. No clear malware or credential theft is present, but the transitive-skill trust chain and prompt-injection exposure make it a medium-risk skill.