Description-Behavior Mismatch
Medium
- Confidence
- 96% confidence
- Finding
- The README states the skill does not modify remote files, but the documented workflow clearly performs remote installation/update actions via `npx skills add`, which changes the remote filesystem. This is dangerous because operators may trust the safety claims and run the skill on sensitive hosts without realizing it performs writes and package installation, increasing the chance of unintended system changes or supply-chain exposure.
