front-dev

SUSPICIOUS. The core frontend capabilities are coherent and mostly use official ecosystems, so this is not fundamentally malicious. However, the skill expands beyond a normal frontend guide by instructing installation of a separate third-party skill and by introducing an annotation/MCP workflow that feeds untrusted external content into the agent, creating medium supply-chain and prompt-injection risk.