tiangong-lca-remote-ops

SUSPICIOUS: the stated remote-ops purpose is coherent, but the trust chain is not. The skill requires an external `tiangong` CLI of unclear official provenance and forwards a sensitive API key to it, creating a high supply-chain and credential-forwarding risk even without direct evidence of malicious intent.