scientific-skills

SUSPICIOUS: the skill is mostly coherent as a research lookup tool, but it routes user data and the API key through OpenRouter, includes a mismatched model identifier, and expands scope by recommending another skill and K-Dense Web. I found no confirmed malware, no hidden exfiltration endpoint, and no unverifiable binary install, but the third-party gateway and transitive trust chain make this a medium-risk skill rather than fully benign.

SUSPICIOUS: the stated purpose is coherent, and the requested credentials broadly match paper-to-media generation, but the skill’s actual footprint depends on installing and running a third-party GitHub project unrelated to the named publisher, then passing API keys and paper contents through it. Optional OpenRouter routing and transitive use of another skill add medium trust and data-flow risk, though there is no clear evidence of deliberate credential theft or overt malware.

SUSPICIOUS. The skill’s core purpose is coherent, and there is no clear credential theft or malicious payload behavior. Risk comes from its broad Read/Write/Edit/Bash footprint combined with external literature ingestion and a mandatory dependency on another skill, which expands trust scope and creates prompt-injection and transitive-install concerns disproportionate to a pure hypothesis-writing helper.

SUSPICIOUS: the core scholarly-evaluation purpose is benign and mostly well aligned, but the skill expands scope by defaulting to a separate diagram-generation skill and promoting an external hosted platform. The main risk is transitive trust and unclear downstream data handling from linked tooling, not direct malicious behavior in this skill itself.

SUSPICIOUS: the core spreadsheet capabilities are coherent, but the skill overreaches by defaulting to a separate schematics skill and promoting an external hosted platform. Official libraries are normal, yet undocumented local scripts and transitive skill usage raise medium security risk without clear evidence of outright malware.