iam-policy-reviewer

SUSPICIOUS: the skill is not overtly malicious and shows no credential exfiltration, external routing, or installer abuse, but its actual footprint is poorly aligned with its thin IAM-review purpose. The combination of auto-activation, unrestricted Bash(cmd:*), and broad security-category scope is disproportionate for a generic guidance skill.