fleet

SUSPICIOUS. The skill’s orchestration capabilities broadly match its stated purpose, but its trust and scope are high risk: it relies on an unverified core CLI (`azlin`), forwards GitHub/Azure/Claude credentials to remote VMs, and enables autonomous actions across sessions using broad transcript capture. No clear malicious exfiltration endpoint is shown, but the combination of unverifiable dependency, credential propagation, and autonomous remote control makes this a high-risk skill.