agent-desktop

SUSPICIOUS. The skill’s desktop-control capabilities align with its stated purpose, but trust is weakened by the unverified `agent-desktop` native binary requirement and broad Accessibility permission. No clear credential harvesting or exfiltration is present, so this looks more like a high-risk host automation skill with supply-chain uncertainty than confirmed malware.