recipe-implement

SUSPICIOUS: the skill is broadly consistent with an implementation orchestrator, but it grants substantial delegated power to unspecified subagents and a community skill without provenance or version guarantees. There is no clear credential theft, exfiltration, or malicious payload behavior; the main risk is transitive trust plus semi-autonomous codebase actions like commits and cleanup.