agentic-jujutsu
Audited by Socket on Feb 25, 2026
1 alert found:
Security

This SKILL.md describes a powerful agentic version-control helper that records operations, makes AI-driven recommendations, and exposes an execute API that runs recommended operations. The primary risks are autonomy abuse (AI-suggested commands being executed automatically), supply-chain risk from embedded/native binaries and native deps, and the potential for sensitive operation data or keys to be stored or forwarded by ReasoningBank/AgentDB. There is no explicit evidence of malware or credential harvesting in the documentation itself, but the combination of an embedded binary/native module, an unrestricted execute(...) capability, and unclear data persistence/exfiltration practices makes this skill moderately risky. Before trusting or deploying, review the package source code, native module build scripts, postinstall hooks, and any telemetry or network code that sends AgentDB/ReasoningBank data externally. Require explicit human confirmation before executing any AI-recommended operation and ensure encryption keys are handled only in-memory or with documented secure storage.