web-vuln-scan

SUSPICIOUS: the skill is internally coherent as an offensive web security methodology, but that coherence is exactly the risk. It equips an AI agent to conduct active vulnerability scanning, default-credential attacks, sensitive-file discovery, and exploit-chain planning against live web targets. No strong malware or supply-chain evidence appears in the shown text, but the capability itself is a high-risk offensive security function for an autonomous agent.