create-project-skills

SUSPICIOUS: The skill’s core read/write behavior matches its stated purpose, and there is no evident credential theft or external exfiltration. The main concerns are transitive trust in an unseen /create-skill skill and elevated indirect prompt-injection risk from scanning untrusted repository content with parallel agents that can then write files.