design-import
Warn
Audited by Socket on May 4, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: The skill’s stated purpose and primary data flows mostly align with design bundle import and code scaffolding, and there is no clear credential theft or malicious exfiltration in this file. The main risk is that it processes untrusted remote bundle content and forwards it into write-capable subagents with Bash access, creating a notable indirect prompt-injection and delegated-trust surface; optional third-party MCP use adds moderate supply-chain uncertainty.
Confidence: 84%
Severity: 62%