autonomous-agent-harness
Warn
Audited by Socket on May 1, 2026
1 alert found:
Security (MEDIUM)
SKILL.md
SUSPICIOUS. The stated purpose matches the capabilities, but this skill materially expands the agent into autonomous, recurring, cross-system operation with memory and optional computer control. The main risks are unpinned/unverified MCP package installation, broad autonomous action scope, and prompt-injection/data-handling exposure from external content. Not confirmed malicious, but high-impact and should be treated as a sensitive automation skill.
Confidence: 84%
Severity: 74%