intelligent-routing

[Skill Scanner] Skill instructions include directives to hide actions from user This intelligent-routing skill is conceptually benign and its capabilities align with the stated purpose (automatic request classification and agent selection). However, it contains design choices that increase supply-chain and privacy risk: 'Silent Analysis' and automatic fan-out to multiple agents without explicit, bounded data-sharing rules or least-privilege constraints. The document does not specify where downstream agents run, what network/file privileges they have, or how sensitive context is protected. If integrated into a system where agents can access external networks or secrets, this routing policy could cause unintended exposure of credentials or private project data. Recommendation: treat as SUSPICIOUS in a supply-chain context until integrated system enforces strict data governance (explicit consent notifications, minimal context forwarded, audit logs, and per-agent least-privilege), and document trust boundaries for all downstream agents. LLM verification: The provided skill file itself contains no direct malicious code, hardcoded secrets, or network calls. However, its default behavior to automatically invoke specialist agents (and the flagged directive to hide actions) creates a supply-chain risk: it can expand the execution and data-flow surface to downstream agents that may have network/file/CI privileges. Recommend: (1) remove/clarify any 'hide actions' directives, (2) require explicit user confirmation for high-impact domains (authentication