IIUC:
1. Skynet blocks access to known evil addresses, and uses standard, built-in iptables tests to block bad inbound packets.
2. Suricata analyzes the internal structure of packets to a greater degree; looks for packet timing tricks; suspicious packet signatures; and other things I've long forgotten. These are "flagged" unless you're using a "drop" feature which will additionally drop the connection and optionally block connection to that address for a configurable period of time.
So they are not mutually exclusive (though Suricata may optionally have a set of rules that lists known evil sites, but likely not to the degree of Skynet.)
But please do run the test and let us know