coding-agent

SUSPICIOUS. The skill's capabilities mostly match its purpose of orchestrating coding-agent CLIs, and the cited Codex install path is official. The main risk is not hidden malware but high-impact autonomy: it encourages background execution, auto-approval modes, processing untrusted PR content, and public remote actions like push/comment/PR creation. This makes it a high-risk operational skill even though its purpose-capability alignment is largely coherent.