join-project

SUSPICIOUS. The core local-reading behavior matches a project-orientation skill, but the artifact is internally inconsistent: it claims read-only operation while explicitly instructing file creation and wiki updates, and it introduces transitive trust by invoking other unverified skills. No direct credential theft, exfiltration, or remote installer is present in this snippet, so this is not confirmed malware, but it is not coherent with its stated footprint.