processon-diagram-generator

SUSPICIOUS. The core purpose is coherent for a diagram tool, and the API key requirement is proportionate, but the skill adds unnecessary trust risk through mandatory remote version checks, suppressed error disclosure, and especially a built-in transitive skill installation path from GitHub. Without the Python client code or external publisher verification, this is not confirmed malicious, but it exceeds a purely local diagram-generation footprint.