security-scanner

SUSPICIOUS: the skill is internally coherent for a security-scanning purpose and mostly uses official tools and endpoints, but it equips an AI agent with offensive-capable scanning/DAST workflows and includes a few unpinned remote install/execute patterns. This is not credential theft or clear malware, but it is a high-impact security skill that should be treated as risky and used only with explicit user authorization and tight execution controls.