test-subworkflow

SUSPICIOUS: The visible skill is minimal and purpose-aligned, but it provides almost no auditable behavior of its own and relies entirely on an ambiguously sourced external `synapse` CLI/subworkflow. No credential theft or exfiltration is shown, yet the unverifiable execution dependency makes the skill high-risk to trust.