kage-bunshin

SUSPICIOUS: the skill’s purpose matches its capabilities, but its footprint is high-risk because it spawns parallel Claude sessions with inherited project/user capabilities and explicitly disables permission prompts via --dangerously-skip-permissions. There is no obvious external credential exfiltration path or malicious installer, but the autonomous multi-agent control model materially increases execution and prompt-injection risk.