autoresearch

SUSPICIOUS: the skill is purpose-aligned for autonomous optimization, but it grants an agent persistent self-directed execution with destructive git resets and arbitrary local command runs. No explicit credential theft, exfiltration, or untrusted external installer is present, so this is not malicious; the main risk is high-impact autonomy over a local repo.