autoresearch

SUSPICIOUS: the skill is internally aligned with autonomous code optimization and has no evident exfiltration or supply-chain abuse, but it grants the agent high-risk autonomous execution authority over local code and commands, including indefinite operation without per-action approval. The main risk is uncontrolled autonomy and repeated shell/git actions, not malware.