deepvista

SUSPICIOUS: the documented capabilities fit a workflow-management skill, but the required `deepvista` CLI could not be independently verified and the skill supports transitive installation of marketplace skills into the agent environment without visible integrity controls. No direct credential harvesting or clearly malicious data exfiltration is shown in the excerpt.