MicroSaaS Launcher

The skill is classified as suspicious due to the extensive use of high-risk capabilities that, while plausibly necessary for its stated purpose, create significant vulnerabilities. Specifically, the `SKILL.md` instructs the agent to use `exec` for arbitrary command execution (e.g., `git`, `npx`, `supabase cli`, `vercel deploy`), and critically, to 'schedule cron job' for persistence. It also directs the agent to handle and configure sensitive credentials and API keys (GitHub, Vercel, Stripe). While there is no explicit instruction for malicious actions like data exfiltration or unauthorized remote control, these powerful primitives make the agent highly susceptible to prompt injection attacks, potentially leading to Remote Code Execution (RCE) and unauthorized persistence on the host system.