link-to-im

No direct indicators of credential theft, network exfiltration, backdoors, or obfuscated payloads are present in this snippet. However, it performs high-impact dependency tampering by overwriting installed package sources under node_modules and then executing a local compiler toolchain (tsc or esbuild) to regenerate dist outputs. This is a legitimate patching workflow if patches and toolchain are trusted; otherwise it materially increases supply-chain compromise impact by turning tampered patches/tooling into runtime code.

No clear indicators of malicious payload behavior are present in this fragment; it functions as a standard launchd supervisor for a Node.js daemon. However, it significantly increases credential exposure by embedding API keys/provider secrets into a generated LaunchAgents plist on disk and by logging to configurable file paths. Additionally, it constructs plist XML via unescaped interpolation, which can cause malformed configuration if values contain XML-sensitive characters. Overall: likely legitimate process management with medium security risk driven by secret handling and plist/XML hygiene.

SUSPICIOUS. The skill is broadly aligned with its stated IM-bridge purpose, but it collects multiple platform secrets, writes them to disk, executes unreviewed local scripts, and enables outbound messaging by the agent. With script contents and dependency provenance missing, this is best classified as medium-high security risk rather than confirmed malware.