team-roles

SUSPICIOUS. The skill’s behavior matches its stated purpose, but that purpose itself is high-risk: it installs remote agent roles from arbitrary sources and enables transitive trust of third-party instructions. The main concerns are supply-chain exposure and indirect prompt injection, not confirmed malware or direct credential theft.