subagent-driven-development

SUSPICIOUS: the core orchestration behavior matches the stated purpose, but the required dependency on external named skills creates a transitive trust risk, and the workflow enables fairly autonomous code changes and commits. No direct credential theft, exfiltration, or malicious payloads are present in this skill text.