researcher

SUSPICIOUS. The stated purpose is coherent for a repo-analysis skill, but its footprint relies on an undocumented external runtime and processes arbitrary remote repositories, creating meaningful supply-chain and prompt-injection risk. No clear credential harvesting or overt malicious behavior is shown, so this looks more like a high-risk/unverifiable research skill than confirmed malware.