inflight

SUSPICIOUS: the visible skill is thin and defers its real behavior to remote, mutable instructions. The source is same-org and therefore not strongly malicious on its face, but the runtime fetch-and-follow pattern weakens reviewability and introduces indirect prompt-injection and supply-chain trust risk.