awt

SUSPICIOUS. The skill's core capabilities mostly match its stated QA/E2E testing purpose, but it gives the agent broad command execution and code-modification authority through an external CLI, plus optional credentialed AI-provider use with limited transparency about data handling. Main concerns are supply-chain trust in the `aat-devqa` package, autonomous local probing/rebuild behavior, and prompt-injection exposure from untrusted web/app content rather than clear evidence of malware.