5dive-cli

SUSPICIOUS. The skill’s capabilities mostly align with its stated purpose as a local multi-agent orchestrator, but that purpose is inherently high-impact: it grants privileged control over spawning and directing additional agents, forwards credentials and bot tokens into a local broker CLI, and supports transitive installation of other skills into children. No direct credential theft or covert exfiltration is shown, so this is not confirmed malware, but it is a high-risk orchestration skill whose safety depends heavily on independently verifying the local `5dive` binary and any child skills it installs.