autopilot-status

SUSPICIOUS: The skill’s purpose and data access are mostly coherent for a campaign-status dashboard, and there is no explicit credential harvesting or external exfiltration path. However, it relies on an undocumented local executable and unverifiable named agents without provenance, install source, or release verification, creating a moderate trust and supply-chain risk.