multitask

SUSPICIOUS: The skill’s main behavior matches its stated purpose, but that purpose is inherently high-impact: autonomous parallel code modification and likely PR creation via subprocess agents. Data flows stay mostly local/GitHub-consistent and there is no clear credential-harvesting or exfiltration path, so this is not confirmed malware; however, the combination of broad command execution, multi-repo automation, and prompt-injection exposure makes it a high-risk skill.