txtskills-llms-to-agent-skills

SUSPICIOUS. The stated purpose matches the capability, and the txtskills installer appears to come from a verifiable project source, so this is not clear malware. However, the skill meaningfully increases risk by converting untrusted web content into installable agent instructions and by recommending immediate transitive installation of the generated skill; the unpinned `npx @latest` execution and optional custom API endpoint add medium supply-chain risk.

This module itself does not contain overt malware indicators (no obfuscation, secrets, eval/dynamic execution, or direct exfiltration). However, it implements a high-impact supply-chain pattern: it downloads a remotely sourced “skill” from a user-selected GitHub owner/repo and then invokes a local installer (`skills add`) using the downloaded artifact path. If the downstream `downloadSkillFolder` or `skills` CLI executes or trusts the downloaded content without integrity verification/sandboxing, the risk becomes substantial. Overall, maliciousness in this specific file appears low, but security risk is moderate-to-high due to unverified remote-to-execution delegation and partially unvalidated agent option passthrough.