nmap-recon

SUSPICIOUS: The skill is internally consistent with its stated penetration-testing purpose and shows low supply-chain risk, but it equips an AI agent with offensive network scanning, vulnerability probing, brute-force, and evasion capabilities. That makes it high risk as an AI agent skill even without signs of credential theft or malware.