siem-rule-generator

SUSPICIOUS: the skill is not overtly malicious and shows no credential theft, exfiltration, or supply-chain abuse, but its scope is vague and broader than its stated SIEM-rule purpose. Broad local permissions, especially Bash, combined with security/pentesting framing make the footprint disproportionate for a simple rule-generation helper.