skill-autoresearch

SUSPICIOUS. The skill’s core behavior is mostly aligned with its stated purpose, and there is no strong evidence of malware, credential harvesting, or malicious data routing. The main risk is that it gives an agent autonomous read/write/bash capability to iteratively modify another skill based on external skill content and linked references, creating medium risk of unsafe self-modification or indirect prompt injection rather than direct exfiltration.