offensive-jwt

This skill is coherent with its stated purpose, but the purpose itself is high risk: it enables an AI agent to conduct offensive JWT exploitation and token extraction against real targets. Install sources are mostly recognizable public security tools rather than obvious malware delivery, and there is no clear third-party credential exfiltration path, but the exploit content, command execution, and sensitive token-access guidance make this a high-risk offensive security skill.