ln-013-config-syncer

SUSPICIOUS: the core config-sync and marketplace verification behavior is internally consistent and uses native install flows, so this is not malware. However, the skill deliberately sets Codex to never ask approval and to run with danger-full-access, which is a high-impact reduction of security controls and makes the overall skill risky for an AI agent.