lobotomized-claude-code-update

SUSPICIOUS. The skill is coherent with its stated purpose as a guarded updater for a customized Claude Code stack, and its Stage 1/Stage 2 approval flow is a meaningful safety control. However, it installs/updates and then builds and executes a personal-repo patcher that modifies the Claude binary, creating medium supply-chain and local execution risk even though the repo is public and purpose-aligned. No clear credential harvesting or exfiltration path is evident, so this is not confirmed malware, but it is riskier than a normal documentation or maintenance skill.