pp-substack
Warn
Audited by Socket on May 9, 2026
1 alert found:
Security (MEDIUM): SKILL.md
SUSPICIOUS: the skill is coherent as a Substack automation wrapper, but it expands trust to external CLIs/MCP components, uses browser-cookie account access, enables autonomous public posting, and adds an arbitrary webhook sink that can exfiltrate output. This is high operational risk even without clear evidence of confirmed malware.
Confidence: 86%
Severity: 78%
Audit Metadata