pua
Audited by Socket on May 5, 2026
2 alerts found:
Anomaly x2
The fragment outlines a feature-rich, remote-enabled CLI platform with registration, token-based API access, remote prompt delivery, payments, and telemetry. While not containing executable code, the described flows present meaningful security risk vectors if implemented insecurely: token storage on disk, reliance on remote prompts for execution, payment verification integrity, and silent telemetry. The design would benefit from strong client-side protections (encrypted token storage, least-privilege file permissions, input validation), server-side controls (verifiable remote prompts, strict TLS/config verification, robust payment validation), sandboxing of remote prompts, and explicit consent/privacy controls for telemetry. Overall, moderate risk with actionable hardening steps; no evidence of malware or obfuscation in the fragment itself.
SUSPICIOUS: the skill's core 'PUA coaching' behavior is mostly aligned with its stated purpose, but its footprint is broader than a simple style layer. Third-party install trust, persistent local state, optional telemetry upload to a non-official endpoint, and propagation into sub-agents materially increase risk. This looks more like an aggressive workflow-control skill with medium security concerns than confirmed malware.