vp-review

SUSPICIOUS: the core review purpose is coherent and there is no clear credential theft or exfiltration path, but the skill expands its footprint by telling the agent to load unspecified other skills and consume untrusted external content with tool/subagent access. The main concern is transitive trust and prompt-injection exposure, not confirmed malware.