last30days

SUSPICIOUS: the stated purpose is coherent, and the API endpoints are broadly aligned with research tasks, but the skill’s core execution relies on an unverifiable community script that receives user input and potentially API keys. That makes install/execution trust and credential forwarding disproportionate to a safe skill, even without evidence of confirmed malicious exfiltration.