search-knowledge

SUSPICIOUS: The skill’s behavior mostly matches its stated purpose, and the named external services appear to be official providers rather than proxy exfiltration endpoints. However, a required local executable/script (memory-manager.py) is central to operation yet has no provenance or verification details, and the skill leaves credential handling opaque while querying multiple memory backends. This is not confirmed malware, but the install/execution trust and data-governance story are weak enough to rate as medium-high security risk.