claude-settings-audit

SUSPICIOUS. The core repository-audit behavior is coherent and mostly read-only, but the skill goes beyond simple auditing by recommending transitive installation of many other skills and optional MCP integrations. The main concerns are trust expansion, credential forwarding in the Linear npx MCP example, and an only partially verified Sentry MCP endpoint. This is not confirmed malware, but it has meaningful security risk beyond a narrowly scoped settings auditor.