This skill mostly does what its README says (find and manage .project-lock project files), but there are several red flags you should address before installing or running it on sensitive systems: - Interoperability bugs: create.js writes JSON lock files while discover/validate expect a plain-text NAME:/ROOT: format — the tool may not work as intended and could overwrite or create unusable lock files. - Broken shell command: validate.getCurrentProject contains a malformed execSync('bash -c ...') string; it will likely fail and may produce unexpected shell behavior. - Shell execution risks: the code runs find, cat, grep, sed and other shell commands with interpolated paths. If any path or env value is attacker-controlled or contains quoting characters, this could lead to command injection or accidental reading of unrelated files. Prefer replacing shell calls with native Node FS traversal or robustly sanitize/escape inputs. - File-write behavior: createLockFile will write .project-lock to arbitrary provided directories and may overwrite existing files without prompting. Recommendations: - Do not run this skill as a privileged user; test it in a disposable environment first. - Review and fix the create/discover format mismatch (choose either the textual protocol or JSON and make all components consistent). - Fix the malformed shell quoting in validate.getCurrentProject and remove unsafe shell pipelines; use native fs operations where possible. - Add explicit input sanitization/escaping for any path used in execSync, or avoid execSync entirely for path searches. - If you need the functionality but cannot audit/fix the code, avoid installing in environments with sensitive data. If the owner can provide an updated release that removes shell pipelines (or properly sanitizes inputs) and fixes the format/logic bugs, that would raise confidence in the skill.