autoresearch

This fragment is not an obvious malware dropper, but it is a high-risk automation template because it executes attacker-influencable shell strings ({{EVAL_HARNESS}} and optional {{CHECKS_SCRIPT}}) via bash -c and generated scripts, then uses the resulting log output to drive automated git commits/resets. If an attacker can influence configuration/harness content or metric/log format, the workflow can be used for destructive actions or data theft/exfiltration without meaningful containment beyond timeouts. Treat as security-sensitive and require strict allowlisting/sandboxing of harness/check commands and strong validation of {{TARGET}}/{{TAG}} before use.

SUSPICIOUS: the skill’s capabilities largely match its stated purpose, but it grants a high-risk autonomous loop with Bash/Edit/Write and explicit instructions to keep acting without per-step approval. There is no clear credential harvesting or external exfiltration, so this is not malware, but it is a high-risk automation skill due to unsupervised command execution and prompt-injection exposure from repository content.