researcher

SUSPICIOUS. The core purpose and visible capabilities mostly align with a research skill, and there is no explicit credential theft, malware payload, or unsafe installer. Risk comes from two coherence issues: it processes untrusted web content while retaining write access, and it relies on unverified transitive skills/internal functions like /document-hunter and researchers-* that are not defined here. This is better classified as a high-risk research/automation skill rather than confirmed malicious content.