team-ultra-analyze

SUSPICIOUS: the stated purpose is collaborative analysis, but the granted footprint is much broader than necessary. The combination of wildcard file access, Bash, autonomous subagent spawning, and arbitrary-content analysis creates a high-risk agentic workflow even without clear malware or exfiltration behavior.