research-refine-pipeline

SUSPICIOUS: the skill’s core purpose is coherent, but its footprint is broader than necessary because it grants Bash(*), web access, and agent/MCP tools for a mostly document-generation workflow. The clearest issue is the explicit stealth directive to execute Bash file-writing fallback 'silently' without asking the user, plus transitive trust in sibling skills and moderate prompt-injection risk from web content combined with exec-capable tools. No credential harvesting, malicious data routing, or suspicious installer behavior is evident in the provided skill itself.