certificate-lifecycle-manager

SUSPICIOUS: the skill is not overtly malicious and shows no installer abuse, credential routing, or exfiltration path, but its broad Bash/file permissions are disproportionate to its vague certificate-management purpose. The combination of unrestricted shell access, security-operations framing, and lack of concrete product/API boundaries makes it a medium-risk skill.