opensource-project-learning
Warn
Audited by Socket on May 10, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the core teaching and local note-taking behavior fits the stated purpose, but the skill also encourages executing arbitrary third-party project install/run commands and references another skill, expanding trust beyond a simple learning guide. The claude-hud example contains a publisher mismatch (Anthropic vs jarrodwatts), which weakens install trust. No clear credential harvesting or outbound exfiltration is present, so this is better classified as suspicious/high-vulnerability rather than malicious.
Confidence: 85%
Severity: 61%
Audit Metadata