rust-node-bootstrap

SUSPICIOUS: The core scaffolding behavior is mostly consistent with the stated purpose, but the skill relies on installing additional skills from a different org than the stated publisher. That transitive installation pattern and publisher mismatch create a meaningful trust and supply-chain risk, even without direct credential handling or exfiltration.