rag-implementation

SUSPICIOUS: the file is a benign-looking RAG planning guide on its face, but its core behavior is to direct the agent to install or invoke multiple third-party skills from community ecosystems. With no direct credential handling or exfiltration in this wrapper, the main risk is transitive trust and downstream supply-chain exposure rather than confirmed malicious behavior.