ntm

SUSPICIOUS: the skill's core orchestration purpose is coherent, but its footprint is high-risk. The main concerns are raw GitHub pipe-to-shell installation, built-in robot automation over multiple agents, arbitrary hook execution, and documented use of approval-bypass flags that weaken safety controls. This looks more like a legitimate but hazardous orchestration skill than confirmed malware.