wasm-reverse

SUSPICIOUS. The skill is internally coherent for WASM reverse engineering and does not request excess credentials or route data through credential-harvesting endpoints, but it gives an AI agent high-risk offensive analysis capability and combines untrusted external content processing with command execution. Supply-chain risk is moderate due to unpinned/ambiguous third-party MCP tooling, though not enough to indicate confirmed malware.