dotagents

SUSPICIOUS. The skill’s behavior matches its stated purpose as a skill/package manager and same-org evidence for Sentry’s npx command is good, so this is not overtly malicious. However, it is inherently high-impact because it installs and links downstream skills from broad remote sources, creating a transitive trust chain into the agent environment; risk is driven by dependency source flexibility rather than hidden exfiltration.