team-assign

SUSPICIOUS. The skill’s purpose and local file access are mostly consistent with team assignment, but its operational trust model is weak: core behavior depends on an undocumented local CLI, and outbound notifications may flow through an unspecified email MCP server. No evidence shows overt malware, credential theft, hidden execution, or clearly malicious exfiltration, but the provenance and data-flow ambiguity make the skill medium risk.