cook-auto

SUSPICIOUS: the skill’s purpose matches coding automation, but it materially increases risk by removing normal confirmations, invoking opaque local slash commands, and chaining into other local skills. No clear credential theft or external exfiltration is present, so this is not confirmed malware; the main concern is high-impact autonomous local execution with transitive trust.