bmad-orchestrator
Warn
Audited by Socket on Mar 19, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the skill’s workflow-orchestration behavior is mostly aligned with its stated purpose, but it introduces elevated trust risk by installing/loading from a third-party skills repository and delegating core actions to external tools/agents. The main concerns are transitive skill installation, bash-enabled orchestration, and moderate indirect prompt-injection surface rather than clear malware or credential theft.
Confidence: 83%
Severity: 64%