project-documentation-workflow
Warn
Audited by Socket on Apr 6, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: The core behavior matches a documentation workflow, but its footprint is broader than a simple local doc generator because it sends repo-wide context through an external ccw/Gemini path and then lets parallel agents with Bash/Write act on derived instructions. No clear credential theft or overt malware is present, but the combination of external analysis, broad repository ingestion, and autonomous agent execution creates medium security risk.
Confidence: 84%
Severity: 58%
Audit Metadata