crank

SUSPICIOUS. The skill's capabilities broadly match its stated purpose as an autonomous epic executor, so it is not obviously deceptive, but its footprint is inherently high risk: unattended multi-wave command execution, file modification, sub-agent spawning, and delegated skill chaining. Install trust for bd is moderately acceptable despite curl|bash, while ao remains insufficiently verified from the supplied evidence. Main concern is autonomous execution and prompt-injection exposure, not confirmed malware.