jeo

SUSPICIOUS. The overall workflow is broadly aligned with agent orchestration, but its footprint is large: it installs many third-party tools from mixed trust paths, rewrites local AI-agent configs/hooks, launches background services, and includes transitive skill installation. No clear credential exfiltration or overt malicious endpoint is present, so this is not confirmed malware, but the install and trust model is high risk for a skill.