code-engine-update

SUSPICIOUS. The skill’s purpose is coherent for Domo package lifecycle management, and the fallback API path is proportionate and vendor-aligned. However, its primary execution path depends on an unverified `community-domo-cli` that does not match Domo’s official documented CLIs, creating a material supply-chain trust gap for a skill that performs real package mutations.