deep-research

SUSPICIOUS. The skill’s stated purpose matches research orchestration, but its footprint is broad: autonomous background subagents, browser automation, Bash execution, and arbitrary web-content ingestion. The biggest issue is indirect prompt-injection risk from combining untrusted external content with tools that can execute commands and write files; secondary concern is the unpinned npx chromux fallback. No clear credential harvesting or exfiltration behavior is shown, so this is not confirmed malware.