team

SUSPICIOUS: the skill’s core behavior matches its stated tmux orchestration purpose, but its footprint is high risk because it grants a third-party runtime durable control over multiple Codex/Claude sessions, automates commits and cleanup, and explicitly bypasses normal permission prompts with `--dangerously-skip-permissions` and auto-accept behavior. This is not confirmed malware, but it is operationally dangerous and should be treated as a high-risk orchestration skill.