external-research

Warn

Audited by Socket on Mar 14, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: the stated purpose is coherent, and the referenced upstream service (Context7/Upstash) is legitimate, but the skill routes through an undocumented custom '/external-scout' command and has the agent ingest untrusted external content that can shape subsequent code changes. Main risk is indirect prompt injection plus partial install/execution trust ambiguity, not confirmed malware.

Confidence: 84%
Severity: 58%

Audit Metadata
Analyzed At: Mar 14, 2026, 07:09 PM
Package URL: pkg:socket/skills-sh/darrenhinde%2Fopencode-agents%2Fexternal-research%2F@6ae057a30e9dfeb8b9d467d3836f5df4b7c9fd71