teams-migration

SUSPICIOUS: The skill’s core purpose and capabilities mostly align, but it forwards Microsoft auth material and chat data through a third-party personal npm MCP tool invoked via unpinned @latest, plus mandatory localhost notification behavior. This is not clearly malicious, but the install trust and credential-handling footprint are broader than ideal for a Teams migration skill.