ops-next

SUSPICIOUS: the stated purpose is coherent, but the skill executes unverifiable local plugin binaries and has a broader-than-needed action surface, including downstream skill routing and external data enrichment. No clear credential harvesting or malicious exfiltration is shown, so this is better classified as a medium/high security-risk ops orchestration skill rather than confirmed malware.