rmwt
Audited by Socket on Mar 14, 2026
1 alert found:
Obfuscated File

This script is an orchestration utility that locates a local 'handoff' skill directory, injects it into sys.path, imports credential-loading and network functions, obtains a tenant token, and calls dissolve_chat for each group from user-supplied JSON. The code itself contains no obfuscated payloads or direct malicious I/O, but the design allows a serious local supply-chain or arbitrary-code-execution risk by importing from attacker-writable directories and handling credentials. Recommendations: avoid prepending untrusted directories to sys.path, validate and sandbox or cryptographically verify locally-loaded modules, validate groups_json content and allowed chat targets, and restrict credential storage/access patterns. Treat handoff modules as untrusted until audited.