auto-test-code

SUSPICIOUS. The core behavior mostly matches a code review/testing skill and uses local workspace isolation, with no strong signs of credential harvesting or covert exfiltration. Risk comes from reviewing and executing against arbitrary code with write access, plus an optional upload path to a personal GitHub repo and an unverified ~/.codex/skills path; these make it moderately risky but not malicious.