make-video

SUSPICIOUS: the overall purpose is coherent for a video-production skill, and the main HyperFrames dependency appears to be official same-org tooling. However, the skill has a broad footprint: remote `npx` execution, optional API-key forwarding to external providers, web content ingestion with exec/write capabilities, Playwright capture, and especially transitive installation of additional skills. This is not clearly malicious, but it is higher-trust and broader-scope than a narrowly scoped local rendering skill.