run-research

SUSPICIOUS. The core purpose is coherent, but the skill combines broad Bash access, optional raw GitHub curl|shell installers, local secret-file probing, and ingestion of untrusted external content. That mix creates high supply-chain and indirect prompt-injection risk disproportionate to a typical research skill, even without clear evidence of confirmed malicious intent.