iot-firmware

SUSPICIOUS: the purpose matches firmware rollout management, but the skill combines mutable runtime installation (`npx ...@latest`), broad `npx *` execution permission, and autonomous high-impact rollout operations. No direct credential theft or exfiltration is shown, so this is not confirmed malware, but it is a medium/high-risk operational skill.