retro

Warn

Audited by Socket on May 14, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS. The retrospective functionality itself is plausible and mostly benign, and the helper binaries appear same-org and officially distributed. But this skill’s real footprint is much broader than a report generator: it can sync artifacts remotely, send telemetry, edit CLAUDE.md, migrate vendored installs, and create git commits. That makes the skill internally over-scoped for its stated purpose, with medium security risk but low evidence of deliberate malware.

Confidence: 86%
Severity: 58%

Audit Metadata

Analyzed At: May 14, 2026, 12:30 PM
Package URL: pkg:socket/skills-sh/garrytan%2Fgstack%2Fretro%2F@72a5b2abca7275d892fcc95929619b35857d3638