ai-ship

SUSPICIOUS: the skill’s capabilities fit its stated purpose, and the referenced core tools appear official, so this is not credential-harvesting malware. However, it grants an AI agent high-impact autonomous software-delivery powers and processes untrusted GitHub/web content while retaining write/exec access, making it a materially risky automation skill.