cowork-setup

SUSPICIOUS. The skill’s core behavior is broadly aligned with its stated Cowork-to-Drive persistence purpose, and it avoids classic malware signals like remote installers, secret-file reads, or covert exfiltration. The main concern is data-flow integrity: it treats third-party MCP aggregators as interchangeable with an official Drive integration, so team marketing data may be routed through external intermediary services not necessary to achieve the stated goal. This is a medium-risk setup skill rather than confirmed malware.