潜客挖掘

The description promises web scraping, contact extraction, CSV/Excel export and a CLI usage example, but the package contains no code, no install, and declares no required binaries or credentials. A real 'lead generator' would normally include an implementation, dependencies, or explicit API endpoints — those are missing.

SKILL.md provides only high-level features and a single CLI usage line ('lead-generator ...') but no concrete runtime instructions for the agent (no endpoints to call, no scraping rules, no consent or data-source limits). This vagueness could cause an agent to (a) attempt to execute a non-existent CLI or (b) try arbitrary web scraping without safeguards or specified sources.

No install specification (instruction-only). That lowers direct delivery risk, but is inconsistent with the documented CLI usage — the skill references an executable that is not provided or installed, which is an incoherence rather than a safe-by-design signal.

The skill requests no environment variables or credentials but advertises an 'API access' enterprise tier — this mismatch is unexplained. Extracting contact information often requires access tokens or explicit data sources; the lack of declared credentials or config is disproportionate to the claimed capabilities.

No elevated persistence requested (always:false). The skill is not set to be force-enabled and uses default autonomous-invocation behavior; there is no evidence it modifies other skills or system settings.