legal-risk-assessment-zacharie-laik

SUSPICIOUS: the legal-research purpose is coherent and official GoodLegal endpoints match the stated function, so the skill is not fundamentally malicious. However, the documented optional `npx mcp-remote` bridge and API-key-in-URL pattern create medium security risk through third-party credential forwarding and broader secret exposure; direct HTTP MCP with header auth is materially safer.