researchclaw

SUSPICIOUS. The skill is broadly aligned with its stated purpose of managing AutoResearchClaw, and the GitHub upstream reference is plausible. However, it installs and executes external tooling, may store raw API keys in config.yaml, and enables autonomous multi-stage execution with code generation/execution and network access. This looks more like a high-risk but purpose-consistent automation skill than confirmed malware.