scout-ext

The skill’s stated purpose is to quickly locate relevant files using external agentic search tools. While this can be useful for large codebases, the footprint shows notable security concerns: dependency on unverifiable external binaries, potential data exposure through broad filesystem scouting, and lack of explicit sandboxing or verification of external tools. Given the potential for supply-chain and data-flow risks, this is a SUSPICIOUS design rather than clearly benign. A legitimate deployment would require verifiable provenance for external tools, strict scoping of results, sandboxed execution, and explicit data handling policies.