pp-producthunt

SUSPICIOUS: the core Product Hunt read/analysis behavior is coherent, but the skill depends on third-party CLI/MCP binaries from a different publisher identity than the listed author, forwards Product Hunt credentials to that CLI, and includes arbitrary webhook/feedback posting paths. This is not clearly malicious, but it has medium supply-chain and data-flow risk beyond a simple read-only API skill.