agentforge

SUSPICIOUS: the overall workflow mostly matches the stated purpose, but the execution surface is not fully trustworthy because key `agentforge` commands/module paths are unverified. Local config scanning is somewhat broader than necessary, and GitHub-driven research plus file generation adds moderate prompt-injection risk. No clear credential theft or exfiltration path is shown, so this looks more like a risky/underspecified skill than confirmed malware.