parallel-swarm-implementation

SUSPICIOUS. The skill’s broad orchestration behavior mostly matches its stated meta-skill purpose, and the main external tool (`claude-flow`) appears to be a real same-project npm/GitHub dependency rather than an obvious fake installer. However, it materially expands trust by dynamically invoking other skills/agents, uses an unpinned alpha-channel CLI, forwards project data into external memory/hook tooling, and enables highly autonomous execution loops. This is better classified as a high-risk orchestration skill than confirmed malware.