openqemu

SUSPICIOUS: the skill’s capabilities broadly fit sandbox management, but its documented API/header/runtime details are inconsistent with current public OpenSandbox docs, and it sends credentials over a configurable endpoint with no TLS enforcement. This looks more like a potentially custom or outdated internal integration than clear malware, but the endpoint trust and remote-action scope make it medium risk.