skillsman-init

SUSPICIOUS: The stated purpose matches its behavior as a skill installer, but its core action is transitive installation of other agent skills through an unverified `skillsman` CLI, including a local binary fallback with no established provenance. User confirmation helps, but the unverifiable installer and inherited trust chain make the skill high risk.