ai-partner-chat

SUSPICIOUS. The core note-indexing and local vector DB behavior matches the stated purpose, and the visible install path is standard pip-based tooling. However, the skill's defining feature—having the agent generate and execute code after analyzing arbitrary note contents—creates a disproportionate indirect prompt-injection/execution risk for a chat-memory skill, even without clear evidence of exfiltration or credential theft.