design-swarm

SUSPICIOUS. The core design-review purpose is coherent, but the skill’s actual footprint is broader than a simple design helper: it transitively loads many other local skills from mixed, partially unverifiable locations and processes untrusted external content while retaining implementation capability. No clear credential theft or malicious exfiltration is present, but the transitive trust chain and prompt-injection-to-action path create meaningful security risk.