session-security-checker

SUSPICIOUS: the skill’s stated purpose is generic security guidance, but it is granted broader local execution capability than its content justifies. There is no evidence of credential theft or exfiltration, yet the vague purpose plus Bash(npm:*) permission makes the footprint disproportionate and medium risk.