tmux

SUSPICIOUS: The skill’s capabilities are broadly aligned with its stated purpose, and its data flow appears local and coherent. The main risk is not hidden exfiltration but high-impact autonomy: it launches multiple background Devin subagents with `--permission-mode dangerous`, effectively multiplying a powerful agent’s ability to act without granular approval. Official installer trust is only a low/medium supply-chain concern because the remote script appears same-org and documented.