tiangong-kb-ingest

SUSPICIOUS: the skill’s purpose and stated boundaries are mostly coherent, and it avoids disproportionate credential requests, but it relies on a local Tiangong CLI/wrapper whose official provenance was not verified from the provided evidence. Main risk is supply-chain and trust in an opaque external tool handling local document uploads, not clear malicious behavior.