roach-strategy

SUSPICIOUS: the skill is internally aligned with an automated trading strategy, and its installs appear same-org/official rather than obviously malicious. However, it performs autonomous real-money trading, suppresses routine visibility with NO_REPLY, uses unpinned raw GitHub downloads, and includes a pattern that can forward API credentials into downloaded code; this makes it high security risk without enough evidence for confirmed malware.