pp-beehiiv

SUSPICIOUS. The skill's purpose and Beehiiv-focused capabilities are internally coherent, and the install path appears same-project rather than obviously deceptive. However, it expands trust to an external CLI, uses unpinned installer paths, supports arbitrary webhook delivery of results, and exposes many destructive/write operations; these factors make it a medium-risk agent skill even without evidence of outright malware.