skill-factory

SUSPICIOUS: the skill’s core purpose broadly matches its capabilities, but it delegates major behavior to opaque local scripts and forwards full spec contents to external provider CLIs. The main risks are prompt-injection-through-spec, off-host data disclosure, and broad autonomous shell orchestration rather than clear malware or credential theft.