feature-implement

SUSPICIOUS: The skill’s capabilities broadly match its stated implementation-orchestration purpose, and it does not show overt exfiltration, credential harvesting, or remote download behavior. The main risks are its broad write/exec/subagent powers, its reliance on unverifiable local ~/.claude/scripts helpers, and prompt-injection exposure from reading repo-controlled planning artifacts before taking action.