Apple Media

The skill is designed to discover and control Apple media devices using `pyatv` and delegate to an `airfoil` skill. All scripts (`.sh` and `.js`) are wrappers around `atvremote` or the `airfoil` skill, directly aligning with the stated purpose. While `scripts/scan-json.js` uses `child_process.execSync`, the command executed (`atvremote scan -t <timeout>`) is fixed, and the timeout argument is explicitly cast to a number, preventing shell injection. No evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection against the AI agent was found.