Trakt

The skill is about querying trakt.tv history and search and its runtime instructions rely on the trakt-cli tool and trakt OAuth credentials — that is reasonable and expected. Minor inconsistency: the registry metadata provided with the skill lists no required binaries, but the packaged SKILL.md declares a dependency on the 'trakt-cli' binary.

SKILL.md stays on-task: it instructs installing trakt-cli, creating a trakt app, authenticating, and running read-only commands (history, search). It references storing credentials at ~/.trakt.yaml so the CLI can access history; there are no instructions to read unrelated files or exfiltrate data.

This is an instruction-only skill with no formal install spec in the registry. The SKILL.md recommends 'npm install -g trakt-cli' — a normal but non-trivial action (global npm install writes system locations and installs third-party code). The absence of a registry install entry (while SKILL.md specifies installation) is an inconsistency to be aware of.

No environment variables, secrets, or unrelated credentials are requested by the registry. The only credentialing is user-created trakt OAuth client id/secret (expected for this purpose) and local tokens stored in ~/.trakt.yaml.

The skill does not request permanent inclusion (always: false) and does not claim to modify other skills or system-wide settings. The CLI will store auth tokens locally (~/.trakt.yaml), which is typical for an OAuth CLI tool.