kagi-enrich

SUSPICIOUS. The skill's purpose, credential scope, and API data flow are mostly consistent with a Kagi search integration, but its main risk is the install model: downloading and executing a prebuilt binary from a personal GitHub repo, then supplying an API key to that binary. That makes it a supply-chain and credential-forwarding concern despite otherwise coherent functionality.