skill-creator
Audited by Socket on Jun 15, 2026
2 alerts found:
Anomaly | Obfuscated File
SUSPICIOUS: The skill’s core behavior is largely consistent with a skill-authoring tool, but it expands trust by invoking other skills and suggests exec-based dependency installation with unpinned packages. No clear credential harvesting or exfiltration is shown, so this is not confirmed malware; the main concerns are supply-chain and transitive-trust risk.
This module implements intended functionality to improve skill descriptions by sending local skill content and evaluation results to an Anthropic Claude model and returning a rewritten description. It does not contain clear signs of malware or intentionally obfuscated malicious code. However, it poses a moderate privacy/supply-chain risk because it transmits raw local files (which may contain secrets or sensitive data) to an external service and can persist full transcripts to disk without redaction or strong safeguards. Treat this code as functional but requiring operational controls (sanitization, logging safeguards, error handling, and administrator awareness) before use in environments with sensitive data.