java-serialization-audit

SUSPICIOUS: the skill’s stated purpose and capabilities are internally consistent, but it is a high-risk offensive security/audit skill because it teaches an AI agent to identify exploitable Java vulnerability patterns. It does not show malware-like behavior: no installs, no credential access, no exfiltration, and no hidden execution paths.