orchestrator

SUSPICIOUS: the skill’s core purpose matches orchestration, and the referenced CLIs appear to be official developer tools rather than fake payloads. The main risk is scope and autonomy: it empowers the agent to spawn subprocesses, run background AI CLIs, merge/delete branches, and push code with limited approval boundaries, so it is a high-risk automation skill rather than confirmed malware.