atxp

SUSPICIOUS: the skill is internally coherent and the install source appears same-org and official, so it is not overtly malicious. However, it grants an agent high-risk real-world powers (spending, messaging, calls) and mixes them with untrusted external content ingestion and attachment sending, making the overall security exposure high even with documented guardrails.