extract-webpage-data

SUSPICIOUS: the skill’s goal is plausible, but its implementation has meaningful trust and data-flow issues. It instructs the agent to read a raw local credential file and routes all requests and scraped content through a Gooseworks proxy rather than the official vendor APIs, creating unnecessary intermediary visibility and concentrated trust. Not confirmed malicious, but the proxy-based architecture and direct credential-file access raise medium-high security concerns.