debugging-master

SUSPICIOUS. The skill’s purpose and capabilities mostly align for local debugging, and its documented data flows stay on the local machine or loopback. However, the core CLI/tool is not publicly verifiable from the provided evidence, which creates a mandatory high supply-chain risk floor for an unverifiable executable; combined with the ability to capture sensitive runtime data, this makes the skill risky despite no clear evidence of overt malware or third-party exfiltration.