team

SUSPICIOUS. The skill’s capabilities mostly align with its stated purpose as a tmux-based multi-agent orchestrator, and its data flow is local rather than overtly exfiltrative. However, it grants broad execution power, enables persistent autonomous worker sessions, instructs autonomous git commits, and most notably weakens safety controls through `--dangerously-skip-permissions` plus auto-accept trust/bypass behavior. This is not confirmed malware, but it is a high-impact operational skill that should be treated as medium-high risk.