booth-beat

SUSPICIOUS: the skill is mostly a local orchestration wrapper, with no evident credential theft or external exfiltration, but it authorizes autonomous task dispatch without user approval and depends on an unverifiable internal `booth` workflow/CLI convention. Risk is driven by autonomy and unclear local tool provenance, not by malware-like behavior.