configure-dast-scan

SUSPICIOUS: The skill is largely coherent with its stated purpose as a Harness DAST/STO configuration guide, and its main install path is official and same-org. Risk comes from enabling offensive security scanners, forwarding secrets to third-party scanner services, mutable @latest MCP installation, and minor transitive trust to other skills; these are proportionate enough to avoid a malicious classification but warrant medium caution.