McDonald's China

The skill bundle is classified as benign. It clearly defines its purpose to interact with McDonald's China MCP server using a CLI tool. It requires the `MCDCN_MCP_TOKEN` environment variable, which is necessary for its stated function and not used for exfiltration. The installation method specified in `SKILL.md` uses Homebrew (`brew install ryanchen01/tap/mcd-cn`), which is a standard package manager instruction and does not indicate malicious execution or prompt injection against the agent. No evidence of data exfiltration, persistence, or obfuscation was found.