research-assistant

The skill bundle provides a legitimate workflow for automating Bear note enrichment using the 'grizzly' CLI tool. It fetches notes with a specific tag, extracts keywords, and appends GIFs. While it accesses a sensitive API token at '~/.config/grizzly/token', this behavior is transparently documented and necessary for the stated purpose of interacting with the Bear app. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found in SKILL.md or scripts/fetch_pending.sh.