social-engineering

该技能不是普通信息检索助手，而是明确为社会工程学攻击、钓鱼和凭据相关攻击做准备的进攻型技能。安装来源本身无明显供应链问题，且数据主要流向官方 API，但技能的实际能力与用途直接服务于现实世界攻击，因此应归类为高风险、可疑的进攻性 AI Agent Skill，而非良性开发工具。

This fragment is an overtly malicious attack playbook that provides actionable phishing/pretexting templates, credential-guessing support, OSINT collection guidance, and watering-hole/supply-chain compromise planning. If included in any distributed package, it should be treated as a high-severity supply-chain security incident and removed/quarantined pending full provenance and dependency review.