env-secret-detector

Warn

Audited by Socket on May 4, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The skill’s stated purpose is generic and benign-seeming, but it is paired with broad filesystem access and wildcard npm-backed shell execution that is not concretely scoped to a named tool or workflow. There is no direct evidence of credential theft or malicious exfiltration, but the capability footprint is broader than the description justifies, creating meaningful supply-chain and command-execution risk.

Confidence: 87%
Severity: 66%

Audit Metadata

Analyzed At: May 4, 2026, 02:30 PM
Package URL: pkg:socket/skills-sh/jeremylongshore%2Fclaude-code-plugins-plus-skills%2Fenv-secret-detector%2F@47b9c62d1e0e8ad06ea308d74aca8e683e5f8499