The skill is a coherent KingDoc document-management integration, but it asks for broad cloud document authority while several destructive and credential-handling safeguards are only documented, not enforced in the artifacts.
Review before installing. This skill is not showing artifact-backed malware or hidden exfiltration, and VirusTotal is clean, but it can read, edit, overwrite, share, delete, and permanently destroy KingDoc files using broad personal/team scopes. Install only in an environment where plaintext config.json secrets are protected, avoid granting more OAuth scopes than needed, require human confirmation for overwrites, sharing, permission changes, rollback, delete, and permanent destroy, and rotate the App Secret if the skill directory or logs may have been exposed.