investigate

SUSPICIOUS: the core research behavior is coherent with the stated purpose and there is no clear credential theft or exfiltration, but the skill instructs transitive installation of an unverified third-party sibling skill and combines external-content ingestion with write/agent-execution capabilities. Main concern is supply-chain and prompt-injection exposure, not confirmed malware.