feature-to-posts

SUSPICIOUS: The core purpose is benign and the file access is mostly proportionate, but the skill instructs the agent to load additional skills by ambiguous name from an ecosystem where the same skill name appears under multiple publishers. That transitive trust risk, combined with hard-coded local file reads, makes it riskier than a simple writing guide, though there is no evidence of credential theft, exfiltration endpoints, or autonomous posting.