code-injection-detector

SUSPICIOUS: the skill is not overtly malicious, but it is overly generic and grants broad Bash(npm:*) execution that is not clearly needed for its stated documentation-style purpose. Main concern is disproportionate execution/supply-chain scope, not confirmed credential theft or exfiltration.