hunter-skeptic-referee

SUSPICIOUS: the skill’s purpose is coherent, but it grants broad code-review autonomy and routes substantial untrusted content through multiple subagents, creating notable indirect prompt-injection risk. No credential harvesting, external exfiltration endpoint, or malicious installer is present, but the unverified subagent identities and recursive agent orchestration make it medium-risk rather than benign.