team-assign

SUSPICIOUS: The business purpose is coherent, and most file access fits team assignment workflows, but trust is weakened by a core undocumented executable dependency (team-manager.py) and an unspecified email MCP. Data flows are mostly proportionate, with moderate risk from external notifications and unverifiable execution provenance rather than clear malicious behavior.