coding-agent

This skill provides powerful, legitimate capabilities for multi-file coding tasks but also grants broad privileges (full shell and filesystem access) to a transitive subagent. The feature set — including an explicit '--yolo' flag to bypass permissions — creates a moderate-to-high security risk: it's capable of credential discovery and forwarding, arbitrary code execution, installing remote packages, and exfiltrating data. The code as presented shows no evidence of explicit malicious payloads, but its design permits malicious activity if misused or if the subagent is compromised. Recommended mitigations before deployment: enforce strict sandboxing (containerize/chroot), restrict filesystem scope and network egress, disable or forbid the '--yolo' option in untrusted contexts, require explicit per-action approvals and comprehensive command auditing, and restrict use of elevated third-party CLIs that can leak credentials. Treat this skill as high-risk unless strong runtime controls are applied.