researchclaw

This skill is purpose-consistent but high-impact: it enables autonomous research, generated code execution, optional remote SSH execution, and bypass of approval gates. No clear evidence of credential theft or deceptive third-party routing is present, but the autonomy and execution scope make it a suspicious/high-risk skill rather than benign.