testing-cors-misconfiguration

SUSPICIOUS: The skill is internally coherent as a penetration-testing aid, but its actual footprint is high risk because it teaches active exploitation and explicit exfiltration of authenticated browser data to an attacker-controlled endpoint. Tooling references are mostly normal for security work, with moderate supply-chain concern from third-party scanners and an unverified `cors-scanner` reference, but the main concern is offensive-agent enablement and credentialed data theft workflows.