deep-research

SUSPICIOUS: the core purpose is plausible, but the skill relies on a nonstandard MQTT + browser-proxy control chain and an unverified extension requirement that is not clearly official or same-publisher. No direct credential theft is shown, yet the intermediary infrastructure makes the data flow and install trust weaker than a normal Gemini integration.