personal-loop

SUSPICIOUS: the skill is coherent with its stated purpose, but it grants an AI agent broad autonomous authority to modify code and run local gate commands based on external prompt files, without human approval. There is no clear malware behavior, credential harvesting, third-party proxying, or supply-chain abuse in the skill itself, but its autonomy and prompt-driven execution make it a medium-risk workflow skill.