causal-inference

SUSPICIOUS. The skill’s stated causal-planning purpose is plausible, but its actual footprint is overly broad: it triggers on almost any consequential action, backfills sensitive communication history, and relies on third-party CLIs for account access. There is no clear exfiltration or confirmed malicious payload, but the scope and credential-adjacent tooling make it higher-risk than a narrowly scoped analytics skill.