install-github-plugin

SUSPICIOUS: the skill’s stated purpose is coherent, and it relies on official GitHub/Claude tooling, but its actual function is to bypass normal marketplace packaging and install third-party skills/plugins from arbitrary GitHub repos. The main risk is transitive trust and prompt-injection from unreviewed repo content, not confirmed malware or credential theft.