plugin-installer

SUSPICIOUS. The skill is coherent with its stated purpose, but that purpose inherently expands trust by configuring OpenCode to load third-party community plugins from npm. No direct credential theft or exfiltration is evident, yet the transitive package-install behavior and optional forced cache refresh create meaningful supply-chain risk beyond a simple documentation skill.