vs-autopilot

SUSPICIOUS. The skill’s capabilities mostly match its stated purpose, but its footprint is high-risk because it enables broad autonomous code execution and repository modification with effectively no per-action approval. There is no clear credential harvesting or exfiltration behavior, so this is not confirmed malware, but the autonomy, dynamic loading of other skills, and prompt-injection exposure make it a high-risk agent skill.