sim-obliterator

Warn

Audited by Socket on Apr 7, 2026

2 alerts found:

Anomaly: LOW
CARD.yml

No direct malicious indicators are visible in this YAML configuration alone; it mainly describes a conversion/patch workflow. However, it creates a meaningful security risk by cloning and executing an external Git repository at runtime (unpinned/unverified in this fragment) and by executing setup/processing scripts with declared terminal-command capability plus broad filesystem read/write/patch effects on user-provided save files. This should be treated as a moderate supply-chain and execution-risk integration requiring review/pinning/signing of the sister repo and auditing of scripts/setup.py, inspect.py, uplift.py, and download.py for command/path safety and any unexpected network or data-access behavior.

Confidence: 56%
Severity: 66%

Security: MEDIUM
SKILL.md

SUSPICIOUS. The stated purpose and local file access are coherent for a Sims save-file bridge, and no clear exfiltration or credential harvesting appears in the text. The main concern is install/execution trust: the skill depends on an unreviewed sister repository and local setup script whose provenance and contents are not provided, so the overall risk is moderate even without evidence of confirmed malicious behavior.

Confidence: 79%
Severity: 72%

Audit Metadata

Analyzed At: Apr 7, 2026, 07:40 PM
Package URL: pkg:socket/skills-sh/simhacker%2Fmoollm%2Fsim-obliterator%2F@342e04f924d3f08359376bcb975d9cae63e9baf1