synthesize-skills

Warn

Audited by Socket on May 10, 2026

2 alerts found:

Anomaly (LOW)
File: SKILL.md

The skill is mostly coherent with its stated purpose (research, compare, and synthesize other skills). The main risk is not overt exfiltration but the combination of unpinned external tool execution (`npx`), remote repository downloads, and detailed processing of untrusted SKILL.md content that could carry prompt-injection instructions. This looks suspicious rather than malicious: proportionate in intent, but medium risk because of the supply-chain and indirect prompt-injection exposure.

Confidence: 87% / Severity: 64%

Security (MEDIUM)
File: scripts/skill-dl

No explicit malicious payload is present (no eval, backdoor, or exfiltration of local secrets), but the script constructs destination paths from untrusted URL components and runs `rm -rf "$dst"` before copying. Because the `SKILL` portion of the URL can include additional path segments (such as `..` components), the destination can resolve outside the intended output directory, turning the cleanup step into a path-traversal deletion of arbitrary writable paths. Additionally, the search function executes `npx -y skills@latest`, which fetches and runs whatever version of that package is current at run time: an unpinned external dependency and a runtime supply-chain risk.

Confidence: 72% / Severity: 78%
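The pattern behind this finding, as an added example that is not the audited `scripts/skill-dl` script: a hypothetical downloader's destination-path handling, with every untrusted URL segment validated before it becomes part of a path, and a canonical-path check that refuses to `rm -rf` anything resolving outside the output directory. The function names (`valid_skill_name`, `skill_dst`, `safe_replace_dir`) and the owner/repo/skill directory layout are assumptions, not the project's own.

```shell
#!/bin/sh
# Added example, not the audited script. Hypothetical hardened path handling
# for a skill downloader that builds "$dst" from URL components and then
# runs rm -rf "$dst" before copying.
set -eu

# A single path segment taken from a URL is acceptable only if it is
# non-empty, contains no slash, no "..", does not start with a dot, and
# uses a conservative character set. Anything else is rejected outright
# rather than "cleaned", since the audited weakness was extra segments
# smuggled in through the SKILL part of the URL.
valid_skill_name() {
  case "$1" in
    ""|*/*|*..*|.*) return 1 ;;
    *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Build OUT_DIR/owner/repo/skill, failing if any segment is unsafe.
# Usage: skill_dst OUT_DIR OWNER REPO SKILL
skill_dst() {
  out_dir="$1"; owner="$2"; repo="$3"; skill="$4"
  for seg in "$owner" "$repo" "$skill"; do
    valid_skill_name "$seg" || { echo "refusing unsafe path segment: $seg" >&2; return 1; }
  done
  printf '%s/%s/%s/%s\n' "$out_dir" "$owner" "$repo" "$skill"
}

# Defence in depth around the destructive step: resolve the destination's
# parent with pwd -P (symlinks and ".." collapsed), reject "." / ".." as the
# final component, and only rm -rf when the result is strictly inside
# OUT_DIR. Nothing is created or removed until that check passes.
# Usage: safe_replace_dir OUT_DIR DST SRC_DIR
safe_replace_dir() {
  out_dir="$1"; dst="$2"; src="$3"
  base=$(cd "$out_dir" && pwd -P) || return 1
  name=$(basename "$dst")
  case "$name" in
    .|..|/) echo "refusing bad destination name: $name" >&2; return 1 ;;
  esac
  parent=$(cd "$(dirname "$dst")" && pwd -P) || return 1
  real="$parent/$name"
  case "$real" in
    "$base"/*) ;;
    *) echo "refusing to remove $real: outside $base" >&2; return 1 ;;
  esac
  rm -rf "$real"
  mkdir -p "$real"
  cp -R "$src"/. "$real"/
}
```

The validation in `valid_skill_name` is what actually closes the traversal: once no segment can contain a slash or `..`, the constructed `$dst` cannot leave `OUT_DIR`. `safe_replace_dir` is the backstop for the case where a future refactor feeds an unvalidated path to the destructive step. This example addresses only the path finding; for `npx -y skills@latest` the corresponding fix is to pin an explicit version (`skills@<version>`) so that a later publish of the package does not silently change what the script executes.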
Audit Metadata
Analyzed At
May 10, 2026, 03:52 PM
Package URL
pkg:socket/skills-sh/yigitkonur%2Fskills-by-yigitkonur%2Fsynthesize-skills%2F@cb250502d15437637d108bff425bb7b7e373adc8