research-lookup

SUSPICIOUS: the stated purpose mostly matches the networked research behavior, and the named endpoints are real services, but the skill’s actual execution depends on unprovided local scripts and routes academic searches through a third-party gateway. The extra instruction to invoke another skill further expands trust. This looks more like a moderately risky, partially unverifiable workflow than confirmed malware.