autoresearch

BENIGN in purpose alignment but HIGH-IMPACT operationally: it is a coherent local ML automation skill, not a credential harvester or exfiltration tool. Main risk comes from indefinite autonomous code modification/execution and destructive git actions; supply-chain risk is limited to official but unpinned `uv` usage.