vexor-cli

SUSPICIOUS: the skill’s stated purpose is coherent with its local `vexor` usage, so it is not fundamentally malicious. However, the external CLI introduces medium trust risk because upstream functionality can route repo content and API keys to remote providers or custom proxies, and the CLI also supports transitive skill installation. Benign for local semantic search in principle, but broader upstream footprint makes it higher risk than a purely local file-finding skill.