implement-execplan

SUSPICIOUS: the skill's stated purpose is coherent, but it delegates broad authority to a local markdown plan and tells the agent to act autonomously on ambiguity. Main risk is indirect prompt injection and over-broad execution of untrusted plan content, not credential theft or malicious exfiltration from the skill text itself.