pp-ahrefs

SUSPICIOUS: the skill is mostly aligned with its stated Ahrefs read-only analysis purpose, but it relies on a non-Ahrefs third-party CLI/MCP wrapper, requires an Ahrefs API key, and supports arbitrary webhook delivery of results. The footprint is not fundamentally incompatible with the purpose, so this is not malware, but the install trust and data-routing model create medium security risk.