autodev

SUSPICIOUS. The skill’s core behavior matches its stated purpose, but it grants an AI agent autonomous multi-session coding and automatic git commits, plus configurable shell execution and transitive use of other skills. There is no clear credential theft or external exfiltration path, so this is not malware, but it is a high-risk autonomous repo-modification skill.