cross-agent-delegation

SUSPICIOUS: the skill’s routing purpose is plausible, but it silently delegates code and context to multiple external AI tools, makes broad context capture mandatory, and performs autonomous third-party review without per-action approval. No direct credential theft is shown, but the hidden data flow and expanded tool footprint are disproportionate enough to warrant medium-high risk.