fuse-skills

SUSPICIOUS due to transitive skill installation and medium supply-chain risk, not because the stated purpose is deceptive. The skill is largely aligned with its fusion goal, but it instructs the agent to fetch/install third-party skills from arbitrary repos via the official CLI, creating a trust-chain risk and possible telemetry exposure. No clear credential theft or overtly malicious behavior is present.