ssti-detect

SUSPICIOUS: the skill is coherent in purpose, but its purpose is to equip the agent with offensive web vulnerability testing capability. There is no clear credential theft, exfiltration, or malicious supply-chain behavior in the text, so this is not confirmed malware; the main risk is enabling AI-driven security probing against targets.