novita-sandbox
Warn
Audited by Socket on Mar 29, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the skill is broadly coherent with its stated Novita sandbox-management purpose and uses mostly official Novita/npm/GitHub paths, so there is no strong evidence of malware. However, it combines transitive skill installation, mutable remote downloads, global CLI upgrades from a beta tag, Node bootstrap via curl|bash, and credential forwarding into remote sandboxes, which makes the overall security footprint medium risk.
Confidence: 88%
Severity: 58%
Audit Metadata