autoresearch

SUSPICIOUS. The skill’s research capabilities mostly match its stated purpose, but its footprint is high-risk for an AI agent: broad tool access, autonomous Bash execution, delegated agents, and heavy processing of untrusted external content create a strong indirect prompt-injection and autonomy risk. Install trust is also only moderate because the skill appears to come from a personal GitHub publisher with no visible release verification. No clear credential harvesting or explicit exfiltration is present, so this is not confirmed malware.