super-worktree

SUSPICIOUS: the skill’s main capabilities mostly match its stated purpose, but it normalizes copying sensitive credential files into worktrees, supports arbitrary hook execution, and is distributed via transitive skill-install mechanisms. There is no clear evidence of external exfiltration or hidden malware, so this is better classified as a high-risk local automation skill than confirmed malicious content.

SUSPICIOUS: the skill’s main capabilities mostly match its stated purpose, but it normalizes copying sensitive credential files into worktrees, supports arbitrary hook execution, and is distributed via transitive skill-install mechanisms. There is no clear evidence of external exfiltration or hidden malware, so this is better classified as a high-risk local automation skill than confirmed malicious content.

SUSPICIOUS: the skill’s main capabilities mostly match its stated purpose, but it normalizes copying sensitive credential files into worktrees, supports arbitrary hook execution, and is distributed via transitive skill-install mechanisms. There is no clear evidence of external exfiltration or hidden malware, so this is better classified as a high-risk local automation skill than confirmed malicious content.