security-auditor

SUSPICIOUS: The skill is internally coherent as a security-auditor skill, but it materially includes offensive-security capabilities such as penetration testing, red teaming, and social engineering. There is no evidence of malicious install paths, exfiltration, or credential harvesting in the provided content; the risk comes from empowering an AI agent to perform or guide high-impact security testing.