21st-dev-components

SUSPICIOUS: the skill's overall purpose is coherent, but Auto mode materially increases risk by combining arbitrary site crawling, external component/code retrieval, and direct repo modification without documented verification boundaries. This looks more like a high-risk automation pattern than confirmed malicious behavior; no credential harvesting or explicit exfiltration is present in the supplied text.