candango-executor

SUSPICIOUS: the skill’s core behavior is coherent for autonomous feature delivery, but it grants substantial autonomous repo modification and command-execution capability, and it chains into additional custom skills with incomplete provenance. No clear malware or credential-harvesting behavior is visible, yet the autonomy and transitive trust make it medium risk.