migrate

SUSPICIOUS. The skill’s migration-planning purpose broadly matches its repo analysis and refactoring behavior, but its default autonomous execution, broad write/exec capability, prompt-injection exposure from untrusted repo content, and reliance on opaque high-privilege internal sub-skills raise medium-high risk. No direct credential harvesting or explicit exfiltration is visible, so this is not confirmed malware.