Mycelium

The skill facilitates agent coordination via the Mycelium CLI, which involves high-risk behaviors such as installing a binary from a third-party Homebrew tap (mycelium-io/tap) and synchronizing local markdown files from '~/.mycelium/rooms/' to a remote backend. While the documentation in SKILL.md is transparent, provides legitimate operational constraints for the agent, and includes explicit warnings against storing secrets or PII, the inherent risks of third-party binary execution and automated data exfiltration (syncing) to a configurable endpoint meet the threshold for a suspicious classification.