oma-orchestrator

SUSPICIOUS: the skill's capabilities mostly match its orchestration purpose, but it grants an AI agent broad autonomous control over spawning subprocesses, running verification loops, and acting on untrusted repository content. The main concern is high operational autonomy and prompt-injection exposure, not confirmed credential theft or malware.