team-quality-assurance

SUSPICIOUS: the stated QA purpose broadly matches discovery/testing capabilities, but the skill is overpowered for a router, gives autonomous background agents write+exec authority, and depends on an external `maestro delegate` tool whose provenance is not established here. Main risks are autonomous code modification, prompt injection from repo content, and unclear external command/message-bus trust rather than confirmed malware.