insecure-deserialization-checker

SUSPICIOUS: the skill’s stated purpose is plausible, but its actual instructions are generic while its permissions are broad. The main risk is disproportionate shell/npm execution scope for a loosely defined security-checking skill, with open-ended package trust and no pinned tooling or concrete workflow.