api-tester

SUSPICIOUS: the stated purpose is API testing, but the actual workflow routes all testing and documentation retrieval through Gooseworks proxy/search services, giving Gooseworks access to bearer credentials, target URLs, and scraped content. The capability is partly aligned with the purpose, but the data flow is not transparent or minimal, and the skill reads raw local credentials instead of using a safer auth flow. No confirmed malware or overt exfiltration endpoint is shown, but the proxy-mediated design and credential-file access make this a medium-high security risk.