agent-tools

No direct malware is evidenced in the provided fragment because it contains only installation/authentication instructions. The primary concern is supply-chain risk from executing a network-fetched installer via `curl ... | sh` without demonstrated integrity verification or pinning. Credential-handling behavior is not shown; therefore storage and secret-leakage risks cannot be confirmed or ruled out from this snippet alone. Review and verify the actual distributed CLI/installer code and enforce integrity controls before use in sensitive environments.

SUSPICIOUS. The core AI-app purpose mostly matches the capabilities, and the installer appears same-service rather than obviously rogue, but the skill meaningfully expands trust and action scope: it installs additional skills, uploads local files to cloud services, and enables autonomous Twitter/X actions with real-world consequences. High security risk, but not confirmed malware.