one-flow

SUSPICIOUS. The skill’s workflow/orchestration features mostly match its stated purpose, but it depends on an unverified external `one` CLI that can execute authenticated cross-platform actions, read local/env data, and run embedded JS. The main risk is trust in that opaque runtime plus the skill’s ability to trigger real-world actions across connected services.