long-running-agent

SUSPICIOUS. The skill is purpose-aligned and shows no clear credential theft, hidden exfiltration, or dubious installer behavior, but it enables high-autonomy code execution, subagent spawning, repeated file writes, and repository merges with limited human oversight. The main risk is operational autonomy and prompt-injection exposure from untrusted project or research content, not confirmed malicious intent.