cass

SUSPICIOUS: The skill's core capabilities mostly match its stated purpose, but its footprint is broad and sensitive: it aggregates many local agent histories, can use a decryption key, discovers SSH hosts, syncs data across machines, and may install itself remotely. The main trust concern is the raw GitHub pipe-to-shell installer from a personal account. This looks more like a high-sensitivity developer tool with meaningful supply-chain and remote-access risk than outright malware.