ai-scoring

SUSPICIOUS: The skill’s main scoring guidance is coherent and benign, but it includes explicit transitive skill-install instructions using unpinned `npx skills add` against a third-party repository. That makes the install/data-flow footprint broader than necessary for a scoring guide and raises medium security concern despite no direct malware behavior in the skill content itself.