conform

SUSPICIOUS. The stated purpose is coherent, but the skill’s core dependency is an unverifiable `conform` CLI with no disclosed provenance while it is entrusted with sensitive documents and Google cloud credentials. Official third-party tools mentioned are normal, but the missing trust chain for the main executable and its access to external AI services make the overall skill high risk.