audit-oe

Warn

Audited by Socket on Apr 20, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

The skill is mostly coherent with its stated purpose: it audits biomedical citations and writes a report. Main concerns are reliance on an unofficial OpenEvidence MCP and the high indirect prompt-injection surface created by fetching and processing untrusted external content with write-capable orchestration. This looks suspicious from a security-hardening perspective, but not malicious or obviously credential-harvesting.

Confidence: 80%
Severity: 56%

Audit Metadata

Analyzed At: Apr 20, 2026, 02:34 PM
Package URL: pkg:socket/skills-sh/htlin222%2Faudit-oe-skill%2Faudit-oe%2F@86f8976235801e90502ec1949ff6236b0e606223