company-research

Benign overall. The manifest describes a controlled, isolation-friendly company-research skill that relies on an official search API (Exa) and internal task agents to distill results. There are no evident credential reads, no download/execute patterns, and no direct data exfiltration. Privacy considerations exist around collecting and aggregating public LinkedIn and other public data; ensure user-consent and data-retention policies are followed. Overall, the footprint is coherent with the stated purpose, with moderate risk mainly around data privacy handling rather than supply-chain or execution risk.