flow

SUSPICIOUS. The stated purpose mostly matches the capabilities, and there is no explicit credential harvesting or malicious data exfiltration in the provided text. However, it is a community-published orchestrator that searches and composes third-party skills from a registry, creating transitive-trust and prompt-injection risk without clear provenance, policy boundaries, or implementation details for how retrieved skills are vetted before reuse.