intent-router

SUSPICIOUS: The core planning/orchestration behavior is mostly aligned with the stated purpose and official Anthropic features, but the automatic instruction to load a likely third-party `browser-test` skill introduces a meaningful transitive trust risk. No direct credential theft or exfiltration is evident, so this is not malicious, but it has medium security risk due to external skill loading and downstream command execution guidance.