pp-redfin

SUSPICIOUS. The core purpose is coherent for a Redfin analysis skill, and there is no direct credential harvesting or obvious malicious code. However, the skill depends on third-party executables installed at runtime from a different publisher namespace than the skill author, uses mutable installers, adds an MCP server, and exposes arbitrary webhook delivery. This is better classified as medium-risk supply-chain and outbound-data exposure rather than confirmed malware.