geo-update

Warn

Audited by Socket on Apr 29, 2026

1 alert found:

Anomaly: LOW
SKILL.md

SUSPICIOUS: the skill is purpose-aligned as an updater, but it trusts a personal GitHub repo as the live source of code and dependencies, then overwrites local agent/skill files and runs pip install from that clone. No clear credential theft or exfiltration appears, so this is not malware, but it carries medium supply-chain risk.

Confidence: 87%, Severity: 63%

Audit Metadata

Analyzed At: Apr 29, 2026, 05:53 PM

Package URL: pkg:socket/skills-sh/zubair-trabzada%2Fgeo-seo-claude%2Fgeo-update%2F@dfcc000390f912fa13f2654a38245ee9550565f6