qa-exploring-tester

SUSPICIOUS: the skill's QA purpose is plausible and mostly aligned, with no obvious malicious endpoint or installer, but it expands trust through many unseen subagents, forwards credentials in plaintext across agents, and combines untrusted external content with autonomous testing behavior. Main risk is agentic overreach and prompt-injection exposure rather than confirmed malware.