codex-autoresearch-loop

SUSPICIOUS: the skill’s core purpose is autonomous code modification, but its footprint is unusually broad and high-risk: unbounded unattended execution, automatic git actions, external web-search escalation, and transitive remote skill installation. The ara.so branding versus third-party GitHub install source further weakens trust, so this should not be treated as a benign documentation-only skill.