ai-collab-dev

SUSPICIOUS. The skill's workflow purpose is coherent, but it materially increases risk by combining unattended agent operation, commit-capable execution, transitive trust in another skill, and ingestion of external AI-generated content into an agent that can write and run code. No clear credential theft or exfiltration is shown, so this is not confirmed malware, but it is a high-risk autonomous workflow skill.