task-orchestrator

Fail

Audited by Socket on Feb 15, 2026

1 alert found:

Malware: HIGH
SKILL.md

Overall, this skill is functionally aligned with its stated purpose (automated multi-agent orchestration). However, it contains high-risk automation patterns: unconstrained autonomous model execution (--yolo / --full-auto), automatic keystroke injection to answer prompts, embedding runtime logs and repo content into model prompts (possible secret leakage), and automatic pushing/PR creation without human review. These behaviors are plausible for an orchestration tool but substantially increase the attack surface and risk of accidental data exfiltration, unwanted destructive actions, and unauthorized changes. I categorize the package as SUSPICIOUS: not clearly malicious by intent, but dangerous in practice unless strict safeguards (credential isolation, prompt redaction, dry-run modes, human approval gates, audit logging) are added before use.

Confidence: 75%
Severity: 60%
Audit Metadata
Analyzed At: Feb 15, 2026, 09:42 PM
Package URL: pkg:socket/skills-sh/jdrhyne%2Fagent-skills%2Ftask-orchestrator%2F@6d1778282964772e91103d75ba8ebd4ca5d38a98