scanning-api-security

SUSPICIOUS: The skill is internally coherent and not overtly malicious, but it equips an AI agent with security scanning/offensive assessment capabilities. No clear credential theft or exfiltration appears, and external tools are official/expected, yet the exploit-oriented use case and bash-enabled scanning make overall risk high.