coding-agent

The skill is coherent with its stated purpose of orchestrating coding-agent CLIs, and the verified install paths for Claude Code and Codex are official and proportionate. The main risk is not hidden exfiltration but high-autonomy execution: it instructs agents to run with permission-bypass modes, modify code, review untrusted PR content, and even push branches or create/comment on PRs. Overall this looks legitimate but high-impact, so it is best classified as suspicious/high-risk operationally rather than malicious.