fizzy

SUSPICIOUS. The skill is broadly aligned with a legitimate Fizzy admin/workflow CLI, but its footprint is high-impact: it can perform destructive and admin operations, accepts tokens from multiple sources, documents temporary token file handling, and can route data to arbitrary webhook URLs or a custom API endpoint. Nothing here proves malware, but the combination of wide account control and configurable outbound destinations raises meaningful security risk for an AI agent skill.